Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-25881 (GCVE-0-2022-25881)
Vulnerability from cvelistv5 – Published: 2023-01-31 05:00 – Updated: 2025-03-27 17:16| Vendor | Product | Version | |
|---|---|---|---|
| n/a | http-cache-semantics |
Affected:
0 , < 4.1.1
(semver)
|
|
| n/a | org.webjars.npm:http-cache-semantics |
Affected:
0 , < 4.1.1
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:44.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230622-0008/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25881",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T17:16:22.393784Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333 Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T17:16:32.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "http-cache-semantics",
"vendor": "n/a",
"versions": [
{
"lessThan": "4.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"product": "org.webjars.npm:http-cache-semantics",
"vendor": "n/a",
"versions": [
{
"lessThan": "4.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Carter Snook"
}
],
"descriptions": [
{
"lang": "en",
"value": "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "Regular Expression Denial of Service (ReDoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-22T14:06:15.662Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332"
},
{
"url": "https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230622-0008/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25881",
"datePublished": "2023-01-31T05:00:01.220Z",
"dateReserved": "2022-02-24T11:58:26.944Z",
"dateUpdated": "2025-03-27T17:16:32.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-25881",
"date": "2026-07-01",
"epss": "0.01613",
"percentile": "0.73002"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:*:*:*:*:*:node.js:*:*\", \"versionEndExcluding\": \"4.1.1\", \"matchCriteriaId\": \"E53F1471-9539-43FB-A9D9-C735195E7BC4\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.\\r\\r\"}, {\"lang\": \"es\", \"value\": \"Esto afecta a las versiones del paquete http-cache-semantics anteriores a la 4.1.1. El problema se puede explotar mediante valores de encabezado de solicitud maliciosos enviados a un servidor, cuando ese servidor lee la pol\\u00edtica de cach\\u00e9 de la solicitud utilizando esta librer\\u00eda.\"}]",
"id": "CVE-2022-25881",
"lastModified": "2024-11-21T06:53:09.463",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"report@snyk.io\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2023-01-31T05:15:11.810",
"references": "[{\"url\": \"https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83\", \"source\": \"report@snyk.io\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230622-0008/\", \"source\": \"report@snyk.io\"}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332\", \"source\": \"report@snyk.io\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783\", \"source\": \"report@snyk.io\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230622-0008/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"report@snyk.io\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1333\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1333\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-25881\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2023-01-31T05:15:11.810\",\"lastModified\":\"2026-06-17T04:34:26.123\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.\"},{\"lang\":\"es\",\"value\":\"Esto afecta a las versiones del paquete http-cache-semantics anteriores a la 4.1.1. El problema se puede explotar mediante valores de encabezado de solicitud maliciosos enviados a un servidor, cuando ese servidor lee la pol\u00edtica de cach\u00e9 de la solicitud utilizando esta librer\u00eda.\"}],\"affected\":[{\"source\":\"report@snyk.io\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"http-cache-semantics\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"4.1.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]},{\"vendor\":\"n/a\",\"product\":\"org.webjars.npm:http-cache-semantics\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"4.1.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-03-27T17:16:22.393784Z\",\"id\":\"CVE-2022-25881\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:http-cache-semantics_project:http-cache-semantics:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"4.1.1\",\"matchCriteriaId\":\"E53F1471-9539-43FB-A9D9-C735195E7BC4\"}]}]}],\"references\":[{\"url\":\"https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83\",\"source\":\"report@snyk.io\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230622-0008/\",\"source\":\"report@snyk.io\"},{\"url\":\"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230622-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230622-0008/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T04:49:44.438Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-25881\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-27T17:16:22.393784Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1333\", \"description\": \"CWE-1333 Inefficient Regular Expression Complexity\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-27T17:16:28.834Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Carter Snook\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"http-cache-semantics\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"4.1.1\", \"versionType\": \"semver\"}]}, {\"vendor\": \"n/a\", \"product\": \"org.webjars.npm:http-cache-semantics\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"4.1.1\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783\"}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332\"}, {\"url\": \"https://github.com/kornelski/http-cache-semantics/blob/master/index.js%23L83\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230622-0008/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"cweId\": \"CWE-1333\", \"description\": \"Regular Expression Denial of Service (ReDoS)\"}]}], \"providerMetadata\": {\"orgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"shortName\": \"snyk\", \"dateUpdated\": \"2023-06-22T14:06:15.662Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-25881\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-27T17:16:32.835Z\", \"dateReserved\": \"2022-02-24T11:58:26.944Z\", \"assignerOrgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"datePublished\": \"2023-01-31T05:00:01.220Z\", \"assignerShortName\": \"snyk\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2023:2098
Vulnerability from csaf_redhat - Published: 2023-05-03 15:32 - Updated: 2026-07-02 09:03A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multicluster Engine for Kubernetes 2.0.8 General Availability release images, which fix bugs and security updates container images.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Multicluster Engine for Kubernetes 2.0.8 images\n\nMulticluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters or to bring existing Kubernetes-based clusters under management by\nimporting them. After the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.\n\nSecurity fix(es):\n* CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service\n(ReDoS) vulnerability",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2098",
"url": "https://access.redhat.com/errata/RHSA-2023:2098"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2098.json"
}
],
"title": "Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.8 security updates and bug fixes",
"tracking": {
"current_release_date": "2026-07-02T09:03:03+00:00",
"generator": {
"date": "2026-07-02T09:03:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2023:2098",
"initial_release_date": "2023-05-03T15:32:39+00:00",
"revision_history": [
{
"date": "2023-05-03T15:32:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-03T15:32:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T09:03:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.0 for RHEL 8",
"product": {
"name": "multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.0::el8"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x",
"product": {
"name": "multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x",
"product_id": "multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/agent-service-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x",
"product": {
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x",
"product_id": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/apiserver-network-proxy-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x",
"product": {
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x",
"product_id": "multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x",
"product": {
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x",
"product_id": "multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/aws-encryption-provider-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x",
"product": {
"name": "multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x",
"product_id": "multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"product": {
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"product_id": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"product": {
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"product_id": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x",
"product": {
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x",
"product_id": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x",
"product": {
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x",
"product_id": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-azure-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x",
"product": {
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x",
"product_id": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x",
"product": {
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x",
"product_id": "multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x",
"product": {
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x",
"product_id": "multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x",
"product": {
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x",
"product_id": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"product": {
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"product_id": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-console-mce-rhel8\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"product": {
"name": "multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"product_id": "multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/console-mce-rhel8\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x",
"product": {
"name": "multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x",
"product_id": "multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/discovery-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x",
"product": {
"name": "multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x",
"product_id": "multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/hive-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"product": {
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"product_id": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"product": {
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"product_id": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-addon-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"product": {
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"product_id": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"product": {
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"product_id": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-deployment-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x",
"product": {
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x",
"product_id": "multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x",
"product": {
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x",
"product_id": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"product": {
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"product_id": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"product": {
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"product_id": "multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x",
"product": {
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x",
"product_id": "multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/multicloud-manager-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x",
"product": {
"name": "multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x",
"product_id": "multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/must-gather-rhel8\u0026tag=v2.0.8-4"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x",
"product": {
"name": "multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x",
"product_id": "multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/mce-operator-bundle\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x",
"product": {
"name": "multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x",
"product_id": "multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/backplane-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x",
"product": {
"name": "multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x",
"product_id": "multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/placement-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x",
"product": {
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x",
"product_id": "multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/provider-credential-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x",
"product": {
"name": "multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x",
"product_id": "multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/registration-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x",
"product": {
"name": "multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x",
"product_id": "multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/registration-operator-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x",
"product": {
"name": "multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x",
"product_id": "multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/work-rhel8\u0026tag=v2.0.8-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64",
"product": {
"name": "multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64",
"product_id": "multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/agent-service-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64",
"product": {
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64",
"product_id": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64",
"product_identification_helper": {
"purl": "pkg:oci/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/apiserver-network-proxy-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64",
"product": {
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64",
"product_id": "multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64",
"product": {
"name": "multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64",
"product_id": "multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64",
"product": {
"name": "multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64",
"product_id": "multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64",
"product": {
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64",
"product_id": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-reporter-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64",
"product": {
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64",
"product_id": "multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/aws-encryption-provider-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64",
"product": {
"name": "multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64",
"product_id": "multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"product": {
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"product_id": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"product": {
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"product_id": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64",
"product": {
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64",
"product_id": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64",
"product": {
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64",
"product_id": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-azure-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64",
"product": {
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64",
"product_id": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64",
"product": {
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64",
"product_id": "multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64",
"product": {
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64",
"product_id": "multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64",
"product": {
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64",
"product_id": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"product": {
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"product_id": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-console-mce-rhel8\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"product": {
"name": "multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"product_id": "multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/console-mce-rhel8\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64",
"product": {
"name": "multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64",
"product_id": "multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/discovery-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64",
"product": {
"name": "multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64",
"product_id": "multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/hive-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"product": {
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"product_id": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"product": {
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"product_id": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-addon-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"product": {
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"product_id": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"product": {
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"product_id": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-deployment-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64",
"product": {
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64",
"product_id": "multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64",
"product": {
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64",
"product_id": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"product": {
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"product_id": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"product": {
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"product_id": "multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64",
"product": {
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64",
"product_id": "multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/multicloud-manager-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64",
"product": {
"name": "multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64",
"product_id": "multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/must-gather-rhel8\u0026tag=v2.0.8-4"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64",
"product": {
"name": "multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64",
"product_id": "multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/backplane-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64",
"product": {
"name": "multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64",
"product_id": "multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/placement-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64",
"product": {
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64",
"product_id": "multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/provider-credential-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64",
"product": {
"name": "multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64",
"product_id": "multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/registration-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64",
"product": {
"name": "multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64",
"product_id": "multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/registration-operator-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64",
"product": {
"name": "multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64",
"product_id": "multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/work-rhel8\u0026tag=v2.0.8-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le",
"product": {
"name": "multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le",
"product_id": "multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/agent-service-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le",
"product": {
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le",
"product_id": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/apiserver-network-proxy-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le",
"product": {
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le",
"product_id": "multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le",
"product": {
"name": "multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le",
"product_id": "multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le",
"product": {
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le",
"product_id": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-reporter-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le",
"product": {
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le",
"product_id": "multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/aws-encryption-provider-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le",
"product": {
"name": "multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le",
"product_id": "multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"product": {
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"product_id": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"product": {
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"product_id": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le",
"product": {
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le",
"product_id": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le",
"product": {
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le",
"product_id": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-azure-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le",
"product": {
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le",
"product_id": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le",
"product": {
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le",
"product_id": "multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le",
"product": {
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le",
"product_id": "multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le",
"product": {
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le",
"product_id": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"product": {
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"product_id": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-console-mce-rhel8\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"product": {
"name": "multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"product_id": "multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/console-mce-rhel8\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le",
"product": {
"name": "multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le",
"product_id": "multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/discovery-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le",
"product": {
"name": "multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le",
"product_id": "multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/hive-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"product": {
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"product_id": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"product": {
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"product_id": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-addon-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"product": {
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"product_id": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"product": {
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"product_id": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-deployment-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le",
"product": {
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le",
"product_id": "multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le",
"product": {
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le",
"product_id": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"product": {
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"product_id": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"product": {
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"product_id": "multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le",
"product": {
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le",
"product_id": "multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/multicloud-manager-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le",
"product": {
"name": "multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le",
"product_id": "multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/must-gather-rhel8\u0026tag=v2.0.8-4"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le",
"product": {
"name": "multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le",
"product_id": "multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/mce-operator-bundle\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le",
"product": {
"name": "multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le",
"product_id": "multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/backplane-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le",
"product": {
"name": "multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le",
"product_id": "multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/placement-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le",
"product": {
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le",
"product_id": "multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/provider-credential-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le",
"product": {
"name": "multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le",
"product_id": "multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/registration-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le",
"product": {
"name": "multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le",
"product_id": "multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/registration-operator-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le",
"product": {
"name": "multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le",
"product_id": "multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/work-rhel8\u0026tag=v2.0.8-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64",
"product": {
"name": "multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64",
"product_id": "multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64",
"product_identification_helper": {
"purl": "pkg:oci/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/agent-service-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64",
"product": {
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64",
"product_id": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64",
"product_identification_helper": {
"purl": "pkg:oci/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/apiserver-network-proxy-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64",
"product": {
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64",
"product_id": "multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64",
"product": {
"name": "multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64",
"product_id": "multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64",
"product": {
"name": "multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64",
"product_id": "multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64",
"product": {
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64",
"product_id": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-reporter-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64",
"product": {
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64",
"product_id": "multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/aws-encryption-provider-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64",
"product": {
"name": "multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64",
"product_id": "multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"product": {
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"product_id": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"product": {
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"product_id": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64",
"product": {
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64",
"product_id": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64",
"product": {
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64",
"product_id": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-azure-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64",
"product": {
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64",
"product_id": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64",
"product": {
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64",
"product_id": "multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64",
"product": {
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64",
"product_id": "multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64",
"product": {
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64",
"product_id": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"product": {
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"product_id": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-console-mce-rhel8\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"product": {
"name": "multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"product_id": "multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/console-mce-rhel8\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64",
"product": {
"name": "multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64",
"product_id": "multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/discovery-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64",
"product": {
"name": "multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64",
"product_id": "multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/hive-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"product": {
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"product_id": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"product": {
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"product_id": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-addon-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"product": {
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"product_id": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"product": {
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"product_id": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-deployment-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64",
"product": {
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64",
"product_id": "multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/hypershift-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64",
"product": {
"name": "multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64",
"product_id": "multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/klusterlet-operator-bundle\u0026tag=v2.0.8-7"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64",
"product": {
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64",
"product_id": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"product": {
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"product_id": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"product": {
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"product_id": "multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64",
"product": {
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64",
"product_id": "multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/multicloud-manager-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64",
"product": {
"name": "multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64",
"product_id": "multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/must-gather-rhel8\u0026tag=v2.0.8-4"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64",
"product": {
"name": "multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64",
"product_id": "multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/mce-operator-bundle\u0026tag=v2.0.8-6"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64",
"product": {
"name": "multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64",
"product_id": "multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/backplane-rhel8-operator\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64",
"product": {
"name": "multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64",
"product_id": "multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/placement-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64",
"product": {
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64",
"product_id": "multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/provider-credential-controller-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64",
"product": {
"name": "multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64",
"product_id": "multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/registration-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64",
"product": {
"name": "multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64",
"product_id": "multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/registration-operator-rhel8\u0026tag=v2.0.8-3"
}
}
},
{
"category": "product_version",
"name": "multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64",
"product": {
"name": "multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64",
"product_id": "multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/work-rhel8\u0026tag=v2.0.8-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64"
},
"product_reference": "multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x"
},
"product_reference": "multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le"
},
"product_reference": "multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64"
},
"product_reference": "multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64"
},
"product_reference": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x"
},
"product_reference": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64"
},
"product_reference": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le"
},
"product_reference": "multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le"
},
"product_reference": "multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64"
},
"product_reference": "multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64"
},
"product_reference": "multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x"
},
"product_reference": "multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64"
},
"product_reference": "multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64"
},
"product_reference": "multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le"
},
"product_reference": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64"
},
"product_reference": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64"
},
"product_reference": "multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64"
},
"product_reference": "multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64"
},
"product_reference": "multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le"
},
"product_reference": "multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64"
},
"product_reference": "multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64"
},
"product_reference": "multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le"
},
"product_reference": "multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x"
},
"product_reference": "multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x"
},
"product_reference": "multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64"
},
"product_reference": "multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le"
},
"product_reference": "multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64"
},
"product_reference": "multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le"
},
"product_reference": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64"
},
"product_reference": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x"
},
"product_reference": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64"
},
"product_reference": "multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x"
},
"product_reference": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64"
},
"product_reference": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64"
},
"product_reference": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le"
},
"product_reference": "multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le"
},
"product_reference": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64"
},
"product_reference": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x"
},
"product_reference": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64"
},
"product_reference": "multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64"
},
"product_reference": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x"
},
"product_reference": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64"
},
"product_reference": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le"
},
"product_reference": "multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64"
},
"product_reference": "multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64"
},
"product_reference": "multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le"
},
"product_reference": "multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x"
},
"product_reference": "multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64"
},
"product_reference": "multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x"
},
"product_reference": "multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le"
},
"product_reference": "multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64"
},
"product_reference": "multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x"
},
"product_reference": "multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64"
},
"product_reference": "multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64"
},
"product_reference": "multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le"
},
"product_reference": "multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le"
},
"product_reference": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64"
},
"product_reference": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64"
},
"product_reference": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x"
},
"product_reference": "multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64"
},
"product_reference": "multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64"
},
"product_reference": "multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le"
},
"product_reference": "multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x"
},
"product_reference": "multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64"
},
"product_reference": "multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64"
},
"product_reference": "multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le"
},
"product_reference": "multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x"
},
"product_reference": "multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le"
},
"product_reference": "multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64"
},
"product_reference": "multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64"
},
"product_reference": "multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x"
},
"product_reference": "multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le"
},
"product_reference": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x"
},
"product_reference": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64"
},
"product_reference": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64"
},
"product_reference": "multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le"
},
"product_reference": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x"
},
"product_reference": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64"
},
"product_reference": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64"
},
"product_reference": "multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64"
},
"product_reference": "multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x"
},
"product_reference": "multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le"
},
"product_reference": "multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64"
},
"product_reference": "multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64"
},
"product_reference": "multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x"
},
"product_reference": "multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64"
},
"product_reference": "multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le"
},
"product_reference": "multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64"
},
"product_reference": "multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64"
},
"product_reference": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le"
},
"product_reference": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x"
},
"product_reference": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64"
},
"product_reference": "multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64"
},
"product_reference": "multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le"
},
"product_reference": "multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x"
},
"product_reference": "multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64"
},
"product_reference": "multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le"
},
"product_reference": "multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64"
},
"product_reference": "multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x"
},
"product_reference": "multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le"
},
"product_reference": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64"
},
"product_reference": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x"
},
"product_reference": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64"
},
"product_reference": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64"
},
"product_reference": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64"
},
"product_reference": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le"
},
"product_reference": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x"
},
"product_reference": "multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le"
},
"product_reference": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x"
},
"product_reference": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64"
},
"product_reference": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64"
},
"product_reference": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le"
},
"product_reference": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x"
},
"product_reference": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64"
},
"product_reference": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64"
},
"product_reference": "multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x"
},
"product_reference": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64"
},
"product_reference": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le"
},
"product_reference": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64"
},
"product_reference": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64"
},
"product_reference": "multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le"
},
"product_reference": "multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x"
},
"product_reference": "multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64"
},
"product_reference": "multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le"
},
"product_reference": "multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x"
},
"product_reference": "multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64"
},
"product_reference": "multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64"
},
"product_reference": "multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64"
},
"product_reference": "multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x"
},
"product_reference": "multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64"
},
"product_reference": "multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le"
},
"product_reference": "multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64"
},
"product_reference": "multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x"
},
"product_reference": "multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64"
},
"product_reference": "multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le"
},
"product_reference": "multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64"
},
"product_reference": "multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le"
},
"product_reference": "multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x"
},
"product_reference": "multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64"
},
"product_reference": "multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64"
},
"product_reference": "multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x"
},
"product_reference": "multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64 as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64"
},
"product_reference": "multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le as a component of multicluster engine for Kubernetes 2.0 for RHEL 8",
"product_id": "8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le"
},
"product_reference": "multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le",
"relates_to_product_reference": "8Base-multicluster-engine-2.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact of a succesfull exploiation of this vulnerability will only lead to a denial of service of the system,furthermore the exploitation will require an attacker to specifically craft a regular expression patterns in request headers (i.e. nontrivial input) that trigger pathological regex behavior but since most systems will have limits on header sizes or input validation that reduce the risk of triggering the extreme pathological regex cases which is why this has been marked as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T15:32:39+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/multicluster_engine/installing-while-connected-online",
"product_ids": [
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2098"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:97953db07d72c8c9bc4a02d9d9828e0356564ae077a5627008cd935eacd3c431_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:cdeac0e0e24681815d84fa4adcdba1ba6f58e13eef2ba40e339d925b9d6e31ac_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e23fd8486bb6d5a855c19fa5c6deacc4b618050b24682a39e43c72b54d477259_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/agent-service-rhel8@sha256:e9db5bbb914fc5acb2fd4043fe080871137efa7898076978e6760d066cb6e3ae_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:1059dcf0baa10711293d1a68e2cf94007700c10ae766108e4516363d7719b053_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:2e08cfabf6782aa509b30121ba3ec0c892bc72561623389b79c0913d92f6e7cb_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:45980a82d18011f10fa1359ee4f8bb58f1d733945c95c05c65cf9ed27ffc7711_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/apiserver-network-proxy-rhel8@sha256:ca21d47df9252c588ac3b62ee4c9c316dd78841f4c01370d000a82b4bf6989d4_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:010f4302c1a117c4b6acec689dc4b3e163a7aa8248a8cb404ea798332e763a2d_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:528c1beba81ee8df1d285d6a6247aa9d5e015e3383b3df24069a953a13ae6af4_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:8b80abdec9e38c0cc9bf194bd5258ec64eedd989f9d6cd1c9d5abc2c553e1496_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-image-service-rhel8@sha256:d2553de872868aca142da2831e08e9ad8d59cebda44460e0c0f8fdb6554e8f7a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:1efe34c3f8b6303b397c74ddb2b43ac782dfa5bce69108eedd6b6122ced14601_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-agent-rhel8@sha256:5625b33a8e26fa2531a5da42151b8cda7592c6f4252d4b5d1b81e2a822509634_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:6c652ca955753d38ae8001a96a7566f9fddeda7dafb539c5690ef9e59dba5898_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:c91750d80bda566c0ec42de51da726ee12639011c5d20f407b9b1aeaaf580735_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-reporter-rhel8@sha256:f3550478f1c5c94c40e14fb621238cdaa2a774cb20ca5c5a7b396c525bb7b119_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:0124ef35b82f022c1067926e82c8d5b87dbecd9faaacf95222a971489f3cdbc7_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:3931b8f7b46b45cd03e3fbfbe086096ba314a03a764f2a2793c1c6296f976c4f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/assisted-installer-rhel8@sha256:963dfc99b824553e6d824e9e82f01771b6f9418e0e0e7d12cb63400ce20d1a18_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:3012a831579eea8ad086e93891425e69dc0032085bd1b27241ab365ff6eaeef9_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:71850057b0538d3b2e2279e4db976feeffc6250f02027ad7063236369f63407f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:b390f8ad0a6300897c423ccf7a3b5b5ccaf0376f7db41433db04e02f94c6450b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/aws-encryption-provider-rhel8@sha256:eb1387b820c9de595a0e7fb85ead887fcb75ea5fda6bfd786ff4e4985421dd3d_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:5696b46bc8706b1774816a604686d7f86314fa75e213e208e6866aa3e0b9c07b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:66f04ea3ac06850f613a425ea8187e3239ef2ec1b75f5ace99ee02586ae8d58c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:6eed5640e54dcf316b7066be74a7e4d3ba5518104806b9889c4602c8314141bc_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/backplane-rhel8-operator@sha256:a0a3320c90275244b8bca4e4498b86ebc1a3686d7087af20929231788699459a_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:320e4df9f6cc6859a3d07dddb7b7d85833c6c03aa07cac7ad2ba200defbb6273_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:3b2e31ac71b7fce2babcb0dc2e662adf2be4765e0ee45a9c56d45a74d9d2cc6a_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:6d43e17b3ab9fdf058c7be85a39fbf51a13017db4ca48ad87bdce2aab4b10bea_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-aws-rhel8@sha256:92b1741abd7956f31d8230e3b03c7946845fe1fea347108b1e8f9d1775b21ec8_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:0a53815dd1518a8e10ea26c9f3a024c675a41f901bd0d81a0bc6974f837342fd_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:2cbfaec7d07fc6bf940a300c949f3947e0a520524410432b7b519bd1e0ec9a1f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:67198da77e57e2d95f586b936bc8722a4eb20ba788e6517a8db7063b5360a0d4_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-azure-rhel8@sha256:bf3c059f40af3d2b9861554d2d44f8b46276bfefdcaef446db289d3fc1024e90_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:8c37756fda2356c49d09413842c29d6d040970e90db1aff2c1e95fed50fb706f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:9b1147e21ad2d09ae2fbe6e85fc60d11244507c67ce88821af1e4894fb3a0f18_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:a104efc00d5605f7a8d69400032baa2bbd1aa2371e5b3386ba667d8b6ce3d466_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-provider-kubevirt-rhel8@sha256:e994ecb70c2b61627a12d6651126da1616862c7121f85ec36883feb6482cdd76_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:ae5f08167c324a5a09332ec9fbfd26dbf750dfe9fb0f3f20b1c3eaff428628d3_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:c67a2d4058dab7046d81159442cb751b79d14ce66868c5f02c58e41949a0ff92_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f64b4dd9ae882951c4ea5a0a8228365d0f2fbf525389da4955c676b9e5b9b301_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-api-rhel8@sha256:f8574b6e0214f8a3ef5bdcb2bb45612001b1174ad514a1d130fa965d882799ea_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:2d63f24ede8bcd88a28a83b0b08ace3c3d83324ecf8fe1d1668a4598355a6172_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:62133004ef96b4d55d1cc2849605869096cbe8b1fe547425d9b17369a39cdd9b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:67204a2cae0b957eea73936132cc17d2760d4191e894bc864850da4701f2c287_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/cluster-curator-controller-rhel8@sha256:9e7795ff57aa032f40b2370c472bc77d9dfe94a2def4a800664d8dd2603287b6_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:291ec74b7090fe978c3177ef010fffccfa2aa5577f260afbb77346a856701c57_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:aef69de3c4180dfbe2a962a3b76bb7a43abf69b4831754d477ad6c2ff7025e4c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:c09a2cb2645bd5185ff2f8eaa55faf347eb88cad23ac950786fcc86885e38e14_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterclaims-controller-rhel8@sha256:d46cabb6560cc0e35d2ddb3ab4796e72b7065d78b7ccefc9b66de1463642ecb6_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:530a667f5ad05a09af6cd33f751f1357b36a0e09ab487e5a3c36a026410f3bf0_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:77791c7940c9f85a944124671387b7516de1a6eb8e041d5444e37cbccef9a85d_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:a42f3167ed09241a24d8884b0b757f01fbf8dc64eec84eeb796ebb7685e3b21d_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/clusterlifecycle-state-metrics-rhel8@sha256:b0799509c1ee7b0edf031c55d96bd0d2345deb2fdbb70f573ac45c4a895dab16_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:887547d481f3f818733fa25a8f64c77a376adb60099de728ea90190561200404_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:af98a2684f06cded753b43f8f25bd63f1b08e6b4cb2b9f3ac985f487d30de108_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c26c4d3be3429ad2523cc35e5ff3b6f97e472de421a5a6429934d0356e188d55_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/discovery-rhel8@sha256:c500c34bcb80bc2a905f597e70e5cd1b2ff17a2e85e54963ce1e56a8c9f425d9_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:56f69d5ac57ef0794b05aad95a0cc0e22b18fa3fbf2b5b7f8b75ab731add3b4b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:720ec4d34ae8632fafe7d7fcc4458b0829dac6ca72c1b3d3198d1f9030a6d36c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:90928e22f4899ecb02c43369165985d1724854b3e50a312fea4d84afa5ccfad2_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hive-rhel8@sha256:fbd97fc8f1783f1d27f40e3f82af3d84edbb375927399ba41a13f9de9cc4d6a6_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:4099d03b88270583ebfa88cc0871c866a0e4fae23cb3f7ac0f30a044abbfc19c_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:6a86908cfe9af55e299a23b413517fabce707297d8a9eb27072b8e54626c937b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:7a86f63853bce0130300cac12c1dbe132e8b2cdb50aea05b3a0f9c6b1dd3bacf_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/hypershift-rhel8-operator@sha256:e56690d30293de9cdd587577102fa9809f7c5dad2ae4f8403fcc2e79fac5b9af_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/klusterlet-operator-bundle@sha256:ddd18b21fafa2176bfbde814a53fc5a40b3722b12d79c4157d667dbfa1325237_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:1f70e2efd2e2b9e94f3d1bed8b8e4590593d2d4b504fabc76e165ed709960cc9_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:82db3097c74cbadff07c3c640ba6fc1f33cafd3cbc49428af9b3ddc448b7ecd0_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:a613afada089b991101c09d4ee7e1d956db084bcfbd050950fc5911ac3474a7b_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/managedcluster-import-controller-rhel8@sha256:f90f0e95129a18aef15c042623876ba25021ab712ab8e49436f8fc93db819c0a_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:a73bac9337c0fae87839aa22e019e7b7ce67367510eb2f18dd1aab56e036793d_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:e156e524f1327c690d775ceef353f49c1502fca33812f66e3a17b3e595fb2ff9_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/mce-operator-bundle@sha256:f6210c659d0790937648774acb89ad97733a8e5497f130e47f5f5b8439eb4b9d_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:549e4c2f966fb81c86dd28f63d985e0b1d7f72d52d512336bdc54e7750f19ef1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:5b04b649e4efc023eeda0c9437acdc380338f1497b4e0e338598395dccf0fca2_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:65dca9c9cdd048741de37ef876f5b57f2a5a939e3f5c9557d896bc780d791e66_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicloud-manager-rhel8@sha256:74dc8934aab829b37a35cce6a0b1b41df138bd98eab84f4fd559df63f7a98194_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:1ff75eb0b4b315560e6c78cf71cad13a09e43b8017c269071389a65e93b99057_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:36ce51f81422531db09206c98e3950ce92233d558e1e3e6ba2b0bcc8ebb49469_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:38dc716ceeb4f6005b9eb788ff09d9ce84e2027625530834dc00abbe99332b23_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8@sha256:bea09a50172d4638aff6f4a3abf06a2a12f162ce9de3d15af64d78f009ffd70f_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:4fc98b221a89e81d289ec48eb706bfcdf7ebaf7a78872b9b6e0bd59bfdbd1b76_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:64c12883f02f35a95838c386f68238fc5e5812b7e241d493e0ff3e9739844ab1_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:9989146724112839a2b363054b140c7b9be9b5b9fef31735d38f5fabbac0a195_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-console-mce-rhel8@sha256:dc62bdfef2e6876d3cf2e542a5db55aee38ef794bb8b979b0ff4d649e06b1a6a_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4ce3c05c5f80b560411a3d2b56ede906f823229985536552636619e0236c5459_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e115c65cdaf2ec8917aaaec10849e55affcdfa70bfb5e6084e730bb67338045_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:4e2bd6299682faab407817fb1b9b5d98f66113b49eef7250ffcb528e027e7b22_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator@sha256:75ad4a883e153c99498a1cf9cb488cb9dfa91176ab16bf29f146b8a834d3f2b8_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:a137394e4cb1adbd30821899153750e0b19323d87190e50aa83f19c45d99c4bb_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:c5cceaa228e72fe0e34da627896b43af21a7d3cd9d5b0f77b3d87430402e4363_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:e6a918b2896cb12073ea7944c522cc18d7812bd1a98573a18fa946d8f45d3250_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-hypershift-deployment-controller-rhel8@sha256:f99e4af59555a15c03193a32a7678fe099989acc5e3329ab53f1857672170ccf_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:42f26be3977496feb6b572c5c9c7e2f6d1af8673653e635a0413286fd7efcb21_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:56df17cc7d4789df73b0979c2799eae13ea4dabb0cfa5b9ad07b3088ffc23415_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:5b8ac6d28f6526d1839caa37f38d1957d5e26d93215b61848e47959be8eef66e_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8@sha256:76a09d2997328bf4b373e75c2fa8285e8f2faad503314d6da61043d2f55d6b31_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2d66f2ed20efc0f0d010b3ef1aab1efd29f2a05855a2162eb408e57e7c396048_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:2f25417720bcae91aa8eee5ea8f1508dfbfd41d14b69b809ba19aeee86445e87_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:8b86ca9a3de32f6e628c65550a5cc828d8108fb33760222d47639625c0c16e99_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/must-gather-rhel8@sha256:ffef6adc375beee26475d5efc07046a1cbaa74566146dbbc71f43f32d6ce6617_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:16f551455ca900bb4797045954674c7e5d431d8c3229f6edcecb4097bd068ea4_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:2ee53e1e23e85e99762837e823e5bb6a0abb1fc223ad16b8b23c3693c9a0a283_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:3b79cce7eac143a8ae54d9fb5819eb8936ad765a43a3acc04babd251b8f10a6c_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/placement-rhel8@sha256:d966faac5b5d195777d3c5e5b47295120f86090b69274a409ab2b73874a01b3f_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:531c9517a105f85924d8d59942e8026d5f9ccc0a03533a0e681028477c5391ce_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:5d1d0c97fb6d0f130edf3131c8bbabfa0ce3def974c8f242b03171f30e64178c_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:60b0d4725ffb384b99f860609dd4098253d2b1261cb6ac5c4509c7402d105991_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/provider-credential-controller-rhel8@sha256:98ec118c74002e645011bcbaad20671a696b5e14cf4aed48b09899c787c4008b_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:4188443f596121ffd8188eaeb24da37cb51d0a22d575460f7fede72971128eb5_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:61faeb1612a344edc47d53ddbd4ddf4900ff7d1630ed48deea47ebed043acd4c_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:73443ddeac5dd25d399c995832888561f0450e152e25a6f4cbb60a76a0cc331d_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-operator-rhel8@sha256:a9b1f13738a676f4336540e1d161a914b1c4a4c2fa86093234ddb6993db1c931_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:2196c86fdd2a40e681772bbdf6e96dc326f5016b48657be6cf5b4440058dc116_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:30f2cc473afa8da30c03511099fc41b44529ba789c0a7750c0b873c01697c7b2_ppc64le",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:5f0db8ee47317577914281033df563341e2716ecdfd2251be49947ce5bfddf82_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/registration-rhel8@sha256:b0c76e6b1623f786eab4867a86efbaa628f48363d0bff71b729a7e84b6e3626e_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:0fc3f91ab12649fe499021a9640f3d9386b96c3cd0f444abc4e92dafcb3a8138_amd64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a1295ab61f30aa361493703b69c905b0fc429d7cdc0953bc4118e2fe01750418_s390x",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:a278fc25c36a1003b2c5e4494838f960e1c9b68252c39dda33fbbb96c30c65dc_arm64",
"8Base-multicluster-engine-2.0:multicluster-engine/work-rhel8@sha256:bdaac7d8e29445822071edf1dff2c52610f8dce906c02cd142b848128e0046dc_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
}
]
}
RHSA-2023:2104
Vulnerability from csaf_redhat - Published: 2023-05-03 20:14 - Updated: 2026-07-02 09:03A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Advanced Cluster Management for Kubernetes 2.5.8 General\nAvailability release images, which fix bugs and security updates container images.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Advanced Cluster Management for Kubernetes 2.5.8 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/\n\nSecurity fix(es):\n* CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service\n(ReDoS) vulnerability\n\nJira issues addressed:\n\n* ACM-4683: memcached setting max_item_size is not populated\n* ACM-4736: Policies with a dot in their names don\u0027t work",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2104",
"url": "https://access.redhat.com/errata/RHSA-2023:2104"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "ACM-4736",
"url": "https://issues.redhat.com/browse/ACM-4736"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2104.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.5.8 security updates and bug fixes",
"tracking": {
"current_release_date": "2026-07-02T09:03:01+00:00",
"generator": {
"date": "2026-07-02T09:03:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2023:2104",
"initial_release_date": "2023-05-03T20:14:23+00:00",
"revision_history": [
{
"date": "2023-05-03T20:14:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-03T20:14:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T09:03:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64",
"product": {
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64",
"product_id": "rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-cluster-proxy-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64",
"product": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64",
"product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64",
"product": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64",
"product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64",
"product": {
"name": "rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64",
"product_id": "rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64",
"product": {
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64",
"product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64",
"product": {
"name": "rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64",
"product_id": "rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.5.8-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64",
"product_id": "rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64",
"product_id": "rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64",
"product_id": "rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.5.8-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64",
"product_id": "rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64",
"product_id": "rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.5.8-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64",
"product_id": "rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.5.8-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64",
"product_id": "rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64",
"product_id": "rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64",
"product": {
"name": "rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64",
"product_id": "rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.5.8-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64",
"product_id": "rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le",
"product": {
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le",
"product_id": "rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-cluster-proxy-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le",
"product": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le",
"product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le",
"product_id": "rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.5.8-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le",
"product": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le",
"product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le",
"product": {
"name": "rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le",
"product_id": "rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le",
"product": {
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le",
"product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le",
"product": {
"name": "rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le",
"product_id": "rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.5.8-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le",
"product_id": "rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le",
"product_id": "rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le",
"product_id": "rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.5.8-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le",
"product_id": "rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le",
"product_id": "rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.5.8-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le",
"product_id": "rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.5.8-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le",
"product_id": "rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le",
"product_id": "rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le",
"product": {
"name": "rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le",
"product_id": "rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.5.8-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le",
"product_id": "rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64",
"product": {
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64",
"product_id": "rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-cluster-proxy-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64",
"product": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64",
"product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64",
"product_id": "rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.5.8-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64",
"product": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64",
"product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64",
"product": {
"name": "rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64",
"product_id": "rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64",
"product": {
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64",
"product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64",
"product": {
"name": "rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64",
"product_id": "rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.5.8-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64",
"product_id": "rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64",
"product_id": "rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64",
"product_id": "rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.5.8-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64",
"product_id": "rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64",
"product_id": "rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.5.8-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64",
"product_id": "rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.5.8-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64",
"product_id": "rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64",
"product_id": "rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64",
"product": {
"name": "rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64",
"product_id": "rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.5.8-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64",
"product_id": "rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x",
"product": {
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x",
"product_id": "rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-cluster-proxy-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x",
"product": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x",
"product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x",
"product": {
"name": "rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x",
"product_id": "rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x",
"product": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x",
"product_id": "rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x",
"product_id": "rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.5.8-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x",
"product": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x",
"product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x",
"product": {
"name": "rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x",
"product_id": "rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x",
"product": {
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x",
"product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x",
"product": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x",
"product_id": "rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x",
"product": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x",
"product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x",
"product": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x",
"product_id": "rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-proxy-addon-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x",
"product": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x",
"product_id": "rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x",
"product": {
"name": "rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x",
"product_id": "rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.5.8-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x",
"product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x",
"product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x",
"product": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x",
"product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x",
"product": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x",
"product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x",
"product": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x",
"product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x",
"product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x",
"product": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x",
"product_id": "rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x",
"product": {
"name": "rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x",
"product_id": "rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x",
"product": {
"name": "rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x",
"product_id": "rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x",
"product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x",
"product": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x",
"product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x",
"product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x",
"product": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x",
"product_id": "rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x",
"product": {
"name": "rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x",
"product_id": "rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x",
"product": {
"name": "rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x",
"product_id": "rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.5.8-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x",
"product": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x",
"product_id": "rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x",
"product": {
"name": "rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x",
"product_id": "rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x",
"product": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x",
"product_id": "rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x",
"product": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x",
"product_id": "rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x",
"product": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x",
"product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x",
"product": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x",
"product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x",
"product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x",
"product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x",
"product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x",
"product": {
"name": "rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x",
"product_id": "rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x",
"product": {
"name": "rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x",
"product_id": "rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x",
"product": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x",
"product_id": "rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.5.8-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x",
"product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x",
"product": {
"name": "rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x",
"product_id": "rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x",
"product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.5.8-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x",
"product": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x",
"product_id": "rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x",
"product_identification_helper": {
"purl": "pkg:oci/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.5.8-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x",
"product": {
"name": "rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x",
"product_id": "rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x",
"product": {
"name": "rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x",
"product_id": "rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x",
"product": {
"name": "rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x",
"product_id": "rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x",
"product": {
"name": "rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x",
"product_id": "rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x",
"product": {
"name": "rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x",
"product_id": "rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.5.8-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x",
"product": {
"name": "rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x",
"product_id": "rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x",
"product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x"
},
"product_reference": "rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64"
},
"product_reference": "rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64"
},
"product_reference": "rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le"
},
"product_reference": "rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x"
},
"product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64"
},
"product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64"
},
"product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le"
},
"product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64"
},
"product_reference": "rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x"
},
"product_reference": "rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64"
},
"product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le"
},
"product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64"
},
"product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x"
},
"product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le"
},
"product_reference": "rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64"
},
"product_reference": "rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x"
},
"product_reference": "rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64"
},
"product_reference": "rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64"
},
"product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le"
},
"product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x"
},
"product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64"
},
"product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x"
},
"product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le"
},
"product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64"
},
"product_reference": "rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x"
},
"product_reference": "rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x"
},
"product_reference": "rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64"
},
"product_reference": "rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64"
},
"product_reference": "rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le"
},
"product_reference": "rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64"
},
"product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64"
},
"product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64"
},
"product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64"
},
"product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64"
},
"product_reference": "rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x"
},
"product_reference": "rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x"
},
"product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64"
},
"product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le"
},
"product_reference": "rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64"
},
"product_reference": "rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64"
},
"product_reference": "rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x"
},
"product_reference": "rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x"
},
"product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64"
},
"product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64"
},
"product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x"
},
"product_reference": "rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64"
},
"product_reference": "rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x"
},
"product_reference": "rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le"
},
"product_reference": "rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le"
},
"product_reference": "rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le"
},
"product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le"
},
"product_reference": "rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64"
},
"product_reference": "rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64"
},
"product_reference": "rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64"
},
"product_reference": "rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64"
},
"product_reference": "rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le"
},
"product_reference": "rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x"
},
"product_reference": "rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x"
},
"product_reference": "rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x",
"relates_to_product_reference": "8Base-RHACM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8",
"product_id": "8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le"
},
"product_reference": "rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact of a succesfull exploiation of this vulnerability will only lead to a denial of service of the system,furthermore the exploitation will require an attacker to specifically craft a regular expression patterns in request headers (i.e. nontrivial input) that trigger pathological regex behavior but since most systems will have limits on header sizes or input validation that reduce the risk of triggering the extreme pathological regex cases which is why this has been marked as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T20:14:23+00:00",
"details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for important\ninstructions about installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html-single/install/index#installing",
"product_ids": [
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2104"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:42026bfa5539615a6c17d07a02f86c1dcf2dae850fb83f813527545240338148_s390x",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:79faff8ac18214edb139b4016afbf801ed922c6fe018309128d088ac75c869b7_amd64",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:ae6560072188b106a05bcb0cb0b30c8cdd5fd0c9b09b689a6c5ed0bcec555a15_arm64",
"8Base-RHACM-2.5:rhacm2/acm-cluster-proxy-rhel8@sha256:c3153f927005f6370671a11909983393037a79fb4db7feee689474109dc7fc78_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:12f96d091141a222cf30155e1bf0f2602af874877fe079d2b0d3c03a8c923db9_s390x",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:17fcb839bbcb7c25cbe66a6c19dd48252ac0a03cf6335201407d111bf6b5015b_arm64",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:4780cf81b07b6a003804fd780dfe9cafa3ba8d3f27083095e9ea68ef7827613c_amd64",
"8Base-RHACM-2.5:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7fb67d35bad7f0c7f9ab5f2de9bcb7d78f5482207a986b982ad1120fb2c359f6_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:27a794307bbf4e9dbb593f2f118304ec0adab0b4e2f2cebe352a830d8f8164c5_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:b2cf4eae8410b345ab5222673e73985854ad6a1684c0f0e41d5913d0cb697081_amd64",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d246af9d90b8fd808763baf870a9ac1665bf04e5e0c8ac442e51e6be50a2a9c8_s390x",
"8Base-RHACM-2.5:rhacm2/acm-grafana-rhel8@sha256:d936283544611591dd94849e3bf9c3c44b8415992e62ce732b8f3c347d3166f6_arm64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:12ad5b3157e7702a0b05effd000978e8ad277b45aa6fc06b726e01e1142cd354_amd64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:5eea4e889a403d1e9530980eaa0a973c1453c24fda8ada59957bbc4f20757551_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:b1eb1a70b514f725f926648ad0c39d1305653941db2a452c0ffc351ac0438531_arm64",
"8Base-RHACM-2.5:rhacm2/acm-must-gather-rhel8@sha256:d70951cdff2f6c5781d39bb30190048b6a32b75c2c1d3b7db308574e578cd7d1_s390x",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:8d21655a022072564d48ab764b5da765c9b1dd0a84f76ac4875cbde944c04747_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:95dc381e453cd2201b460cd5096de0f4d061e9fc9a6b6b4e4c4d283ec57e9286_amd64",
"8Base-RHACM-2.5:rhacm2/acm-operator-bundle@sha256:b46e6e7b2b79f0bfc292df064ed34d4efeada493b0ce770403c7cbdf3bb44662_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:1630964477b19fcf69f8eafdb83a39c8588a324819ffa415908a1de31f9fff2b_amd64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:4be1d5580dc2dd49b2f94c0c57e2de081ee54507cd1f422e9eb7a4126f6a36c3_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a6f16ef252a256fbadebfbd01b70bbf748e82179285602f1f1735b0933bb67d4_arm64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b07234d4c68754696040d68aac03a11d6303d6a2d7358e1213a492f3e25b92bf_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:1e11a1e52ab4a696df5ae1403a9a6539cc94931e486d575f28f35c6ad1202428_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:7a3cccfe7a1a7b57d6aa1b3576e87134585db2f41bfff9b4b50fa54391ad8888_amd64",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:c8213633b8e670bf33b22ca87c8a309558ce4740b709847174c2ab366df324b0_s390x",
"8Base-RHACM-2.5:rhacm2/acm-prometheus-rhel8@sha256:f4e06e80479dccae5cd97069a50623ec388df93f563191fe6159f3f813aa84db_arm64",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:8a721e578b78b6e56f92a9ddabebe1843b50492bdc9e42d00c757e8d239d9dbb_arm64",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:9fa12720e772f7e8e101943742e0927d35cbb112ab1268a58faf3f73fbb0ea50_ppc64le",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:c6f835ad002890b59bc09b4da920c74f9b7a2777a8d149c6584e279888418dd1_s390x",
"8Base-RHACM-2.5:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f6faa8e2ad741c66a4a9ba379dc898f25bf4765d01976bd8b4f395014c09967e_amd64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:694c13fb7de1591dd9c0a2441662cf9703dad6352a5c7b83600fe140cb443fef_amd64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:6ae568aa7fd9da2953cc7036667a2c030306a0acbe3de0eabe886b63295bf29c_arm64",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:b5929eb3b7e752188ffa76babd79b19368cef5c3d3c50e32c0b72f26c0c70784_ppc64le",
"8Base-RHACM-2.5:rhacm2/cert-policy-controller-rhel8@sha256:eabe8d58dccadd52e9e668652cbe56bcd64b0518a81928dbed1bc7140e5d9056_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:1af56fa1c3c76044c8452ce2dd903a53fdc4e3e017dcb67a1e85341e8fc0a28f_amd64",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:d7337ca51bfb99caf69c95470441c3d77249893d53a561375295592cd207b1ec_arm64",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:de535249ca4da9dac78a074b64c3d4bef794750a7529d800e4725dfabc4a462b_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-backup-rhel8-operator@sha256:f296df788cc318a3d978e4e1fc8358d069b3979ca1fd6698d6727858978a3109_ppc64le",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:413c48ae42a0ba00b7cc085fa33b01dbec8dc05cac50602093afcb60a6587391_arm64",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:672f989d243cf3648e7268f2d6b6a241635beec2c8a13398b4a3c2df4b231948_ppc64le",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:934a586cc479b35ff5f665f327c77ceaeec953b368bd2bcd375c3e4e28dacd62_s390x",
"8Base-RHACM-2.5:rhacm2/cluster-proxy-addon-rhel8@sha256:a14e9bf26af979c1da90a9b12a970069302db8de309eaf94f4b94826938cab49_amd64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:273d357f500611a39987e50453bc243d4f1f85ecce6fc90a97fa2b4580f37b02_arm64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:51a5f1b376661bd3d2c7dcdd3788bcad526016aba2b80c72c83a72b0b04df78e_ppc64le",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:cfdf9d8d8bd73f9f137830bfd3f00abf4e4e82cbecfe96c81b99a7ff8410dbff_amd64",
"8Base-RHACM-2.5:rhacm2/config-policy-controller-rhel8@sha256:f844d954943c1641b3d14609ba02ff68b196f78bc25d09387893b80afcca6991_s390x",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:349e86cf0b80d820089c9f694fc24e9ad4901819ee53b8aea3724a750b8f85aa_s390x",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:43d0001814b8e3df5ea9cc4a75673388feb2e03443de3e3126bd353e8a709c58_arm64",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:c0692ce4672eed1258569ce2d166a39bcce1d0276ed2b910eca1604f012d3444_amd64",
"8Base-RHACM-2.5:rhacm2/console-rhel8@sha256:e0329f2b0495e5657c777f0d4ba219357faf00708b85e0fcbfad448110d88c99_ppc64le",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6543b5d66776cd49f7b75034f56a841a8fdc33464a24d0aa1dab660ce2aedf61_ppc64le",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7debc3bbbaa7cb11fb38a316b6eeffcf3150ffab71535254288033dfe6e12d5d_arm64",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1b96ba99a5b502cb1a128da6deef8fd9bdbf85750d331a9673161795796147_s390x",
"8Base-RHACM-2.5:rhacm2/endpoint-monitoring-rhel8-operator@sha256:7f1ff7d70f504c4e14edc8df0c3f9cf58f22561f08bbf1f2f3985160b221ac3d_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:31e9c532ca1b4f1821e7d5b1a8ca55ccb7fefe3e8f35814a9e4f2a4596f9a365_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:6acd7f14d35e1296964fe4b8aff906447d039c115766483eb6d976c5fe3cf6f4_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:853b393a1e2b36206f6f76a6986a21b9a699848fc19cf4063a8af02fb1526be5_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-propagator-rhel8@sha256:ebfd9e8df0e526dae8ee90a7964ed4d40c6b8d10b105284855c1023a43c47960_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:1dd978c5a126f4d77754b6ecf92fe43f8451bc705e8f04a948963de3e2156c8c_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:257a7018b6d5f8ce3706892b2b8b5da18d094b1086b72969489a0dbacdb7b072_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:7db39af24f5729fa7d2aef81125a6ca2e207807a61e628133cdc6dadf090593a_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-spec-sync-rhel8@sha256:ea9ff26561b4bf178ca2ad2ed621e1e4174a7a4d6812a1c09a19f026c7097110_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:57ba12f9bfbe0a5b4c8c68aa0372ecde4f60162405e70d0e87c157839ef0c7f2_amd64",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:5e991a67ed60a2e7d9c63f7ba448d2b1ea851cf80b4b8bbf921c6aab4fb31991_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:60cce7b2596c3e9a12fabc08652beddaeacd786b56db6601ca5e06a7da94b0f8_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-status-sync-rhel8@sha256:620836af3504d61da539dddb3bcf083ccf67da57eea0dada8986dfaea758afc6_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:205eb25e8036c45863c221ea969b9b68ff0e3915fd1560fd76e62fa0c11ffb16_ppc64le",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:9ba5f63e9594b8507b617c136eb79b006202bf36e0dda88586eba69b8950727e_s390x",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:bb2507fcfde82de4ea0581942f208bde0a225dc5fff35933aa3c90c8daec1b8e_arm64",
"8Base-RHACM-2.5:rhacm2/governance-policy-template-sync-rhel8@sha256:caf169dcb0e561d6c25deb4dc12f5a28955fd7f998de5ef95f7aa5c4b781c34a_amd64",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:03f136165015a319b3ec01b1e45c6011928a856557fbd3448e85a05ac41a5d33_s390x",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:6c012d7109ad50b13f8603f347fb4bf23e7ae2b9a07b1e7b722c49ac4967b72d_ppc64le",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:abc83c5c4ba389637fc51d113639042e6d670bb601f564350e3cb5759c63c8b8_amd64",
"8Base-RHACM-2.5:rhacm2/grafana-dashboard-loader-rhel8@sha256:ba250b395ade07ec66e92c7869e8336fd8fc84546448f8f2ec2da1e0a833bab7_arm64",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:2cdab722befeee51a4c8e3768c9d128663294e6cc9140c71270125bbbb5256a7_arm64",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:7ffb5597a30cff6a3354297b49f9abc40659af14969912dbbae18f1b8e02d040_s390x",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:ea93d398ec3c324ad3c6f2745e2f108fc11a5fad461072283a331287798a14a5_ppc64le",
"8Base-RHACM-2.5:rhacm2/iam-policy-controller-rhel8@sha256:fe6035d3ceaeeb5613d843f9d9f2ac54ee2feee4acb5cdb90a67e91ddb559ca7_amd64",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:78a7cc419032136a10af2ac80a7a63d14d7061e299516ad6b6ca12ced0a67e2d_ppc64le",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:a9e826524107d040b3be58c5d63c5c43255af422f354c629cfccb27fbbc90f03_amd64",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:bd3b882f8e39f32ca41ae5f063dac4a5952f87aa6742f9e64b70f652d687b451_s390x",
"8Base-RHACM-2.5:rhacm2/insights-client-rhel8@sha256:c510082c0d9c9e51773405d04a2d1ddfe1d88a6201c68cfb177c952c5eeb1e2f_arm64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:177e43c69b52c6b37ad65a847eaafb19fe1bcb4ca792f1f9cfda6e055e893c9b_arm64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:82c5835e7bd90ab24530f0819e890abb638bdc67febb6e9c27381037e58ee337_amd64",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:935020d5ea1bde696e163c7161d4538aa2fbb8a9422e6d00b06bdb94ab0b3e26_ppc64le",
"8Base-RHACM-2.5:rhacm2/insights-metrics-rhel8@sha256:b2160c35fe42e7d88d3265bce1b9f2f84e79af55f935be174ddbd6413bd3f2d2_s390x",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:0ff0f35f5963130b202c05d9a349b60b32ac3934e4e1e0b537d1cae1a5b4dddd_amd64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:64cad7e21fdfcad78af0bf6686fa36e54f2111254404d6d7b2a8aa9f6fac4009_arm64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:766025ff8324ab792dc0fe30192b72b1f6e681695ff9369fdac7cd1f5d0be964_s390x",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-controller-rhel8@sha256:dd9dc2f148b72eafd49a59f6913bbe56f4a0c0fb0880f40964241790d9b8f042_ppc64le",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:43c685c96537b0ae174f47abdec172ace314673c758156ebe6b241956be15e35_arm64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:8403e6090adcc06402b6f523848e68c6ea3199a65aea23133b9cb4efd643d12e_amd64",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:952c658730d28302d2ea3db85650666981a96c8ac372e5f98256a6ac5de0872c_ppc64le",
"8Base-RHACM-2.5:rhacm2/klusterlet-addon-rhel8-operator@sha256:c405e7ace2ac21a6af6e8a6dcff0d1401d4e867d18b09390250509898898fca0_s390x",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:2a82563ea7eb827d9794d58d1b3fe6ed986e063e321daf0c71a8e045e7fb0b97_arm64",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:48027540bab7cba6ba0d0fbe5fa1405e4fff1e400603662e406b3b8250becb17_amd64",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:9a2ae345587d42587c11fdb31a044fad24d031b53879e670c07b0f4d4ee9289d_s390x",
"8Base-RHACM-2.5:rhacm2/kube-rbac-proxy-rhel8@sha256:f6560334142127a5287615b508fd02be7f260ed48878479d7a697d8b7c096df9_ppc64le",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:1eefd48372a62522af3201d7c420e6172c967620119a9d1fbf721bbfa3c8662b_arm64",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:726946bb75359dedd7b3b7f242078070da27c6ec8fe5f5d0a335f8c43b497247_s390x",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:e0f92706e646954cf0ee372d26a258736183fb1d4166ffe72026f0d5798a805c_ppc64le",
"8Base-RHACM-2.5:rhacm2/kube-state-metrics-rhel8@sha256:fd1c3172d4e524dbdd236f25395eca3b0fecefe566bddf817fee2a2d6c11ce41_amd64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:2dc95682188c90fddfcfd844881e636371a8febe0106397888b9647cccd82e22_amd64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:53b3b39ac29c20f49b396d0373a058a428866b35ca68909e25b16d2bf9a549c8_arm64",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:e9c8b25c555767f6e38ebc3f705b828dab980d24372c834e19f98ca5f747aab4_s390x",
"8Base-RHACM-2.5:rhacm2/management-ingress-rhel8@sha256:f12af1c3fa06e65c3c6ebf9ab4480f37ea20b9ef512951586d67b91f39049eda_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:180f4c99795f9d2ca6443f9b1aa7b7d312badde5ad178883a322fbf1e32668b6_s390x",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:665a3780f90b7a368a9b8029b82ec67706edcc43f19bef00699938b5d69ad3af_arm64",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:77d392b5aacc8d801555e67617e190248aaed68fbe7c94441c1388b5cb8413ea_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-exporter-rhel8@sha256:f3dd4ab4cec97b6386d184840458d280d0bdf87e2e1655979b6993375e999fb4_amd64",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:23a56996738b70dde20a1cdc501b827827ba36894db8cd9826363b69d8839fa8_amd64",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:658614306f6af7dfad068e94b82632e56e05a4c82573363b8040515ffa293baa_s390x",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:8d3fd86ec310053c5dd830dd92a80435e70c77514de7944c20109167e364c858_ppc64le",
"8Base-RHACM-2.5:rhacm2/memcached-rhel8@sha256:c2e6e977525643713a0bf7a60fe41c2b417564bb73da4272f76609fc02faa89c_arm64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:847f175776002883e98bc65bd0c4b41ec77f4b7c7b732beca3fbd9b5381e28cf_amd64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:bb49e64f19f5e8437c1eeb0feeec4ca5c5c96138e92a0e8ffa5e5113cfa9efd3_ppc64le",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:ec44df7a78953b308020eabb6e304a5ff6582a319643bd44801f1a5f4ddfb69b_arm64",
"8Base-RHACM-2.5:rhacm2/metrics-collector-rhel8@sha256:f77de7ec080ad1b2d46a0020ecb19a56bb666244c0166efa8ba13cd74720b24e_s390x",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:5130c638f0cb5c5da92a79d7a62806836d63fff3432ac9455f0354c22dd956bd_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:7c06a0724a5fbe7dfc5c3fcb486963dbd9669d21e83d971c5d4cef144b3e498e_arm64",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:9cf5c2d969971bb650ef6292e297f17d60aba96495656e86d2dfab6a63506bfb_amd64",
"8Base-RHACM-2.5:rhacm2/multicloud-integrations-rhel8@sha256:fff0e652bd2ff20104be92b1e7a68137154c8c91a3fc693240c546dc4ed24a7d_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:2fc1f279e5ea52a4065d6a2e11045f4d3ed690341f61547381770cd6dfcd16eb_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:483385e39d12236ae4e141cce2a2f36e53cfa60b27d53744ee3acd55773531f4_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:94c991f8a50f2f7f053fd2312bdca91a4c37d75bfb81fcb89997910dc4060d60_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-observability-rhel8-operator@sha256:9dc50b329620f973b487851c178c117c98458ca0345e95cfe132077eb41ec82f_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:5a9f047369f26599841935ecba6c44365626abda4d1b147a0535945b79a28ed6_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:60e1dc469ad22eabf7c4196a0bfcea6a98bdefc095e3dac5a7a9c6afd995a569_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:6d027f6201b58eaf5cf7f8e00ab3892b06cfe51cea0398779a0c610c24d973a3_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-application-rhel8@sha256:e6c1af572e3752fc7a500eb2a83af5007686c5eb20d6d7835283ab5c95fe4d0b_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:1409fc96147bf7ceb384434b9413845aa08cc7fb137044b3ebe9d8382b5439d5_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:19289b0a7fc403741c6b9b4ca7942830c7e5fb27be742204f8ce70107347e2f8_s390x",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:351f51131b86bbc57f989995c61302b083194f5fc9fe9e4fabad9fb981e86af8_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-channel-rhel8@sha256:a84876ffe39b4d4ff88202aa4f7b003b5bb5d6c861f2f06d12f3f6c1eee76b5d_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:16ee05735318605d0b056f85dd63ca67bfc1f133f0431b6471bf8f048f73ed1e_arm64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:1bdefa82ed71290123f6110a3bb9a9aba9f241e47a9fdecbb593468ead951977_ppc64le",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:7701135183a6283a7ec73e1a8431ec1f4056b73d5aff083ffcdfc34a4061c77a_amd64",
"8Base-RHACM-2.5:rhacm2/multicluster-operators-subscription-rhel8@sha256:b239125eee8c5de8f5aa3b5933cd2351920fa157e9276e3409c22dc2e8a9a228_s390x",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:251fdbfc363c19a627f63fbb22a6a592a8a296774185c1aa0096c114d0bd4091_arm64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4d43221046f770b6f035d9e891562b66d12cbafa12ed2f64449c4cfb9046c578_ppc64le",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:4e472f967f2ed248a41901f1eea143f8b53cc67d2b00fb7f366b30e0ad4c3589_s390x",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-repo-rhel8@sha256:b9490680a3ecd5a5888370a2d6008ce5e9a5734213848f9ca40e3ead9a87c561_amd64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2762fa7fbdf750aa78402ac7342666868e01191f2eb19f45fade7da1a0267995_amd64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:2d46519833383fa8ad6dd8fa221a83b8546d99e5ecddc97115812a1c5d74ce08_arm64",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:696ba3d5ab05c91a4cca2d42cd333d86ea403d96795c09b4e263927338b37aed_ppc64le",
"8Base-RHACM-2.5:rhacm2/multiclusterhub-rhel8@sha256:96d55bba7efbfcb441d30ac5cf276bf3b4a103f128fcc78b2feb8bd6a655fef7_s390x",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:1d0c886b13aa793c1020be7fa5cd561301679fc6274199ccff15ad71543359c1_arm64",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:4a20372b3bdbad27be2a66394cf478510f46d1623196e0edef5f4d30b2c6a481_ppc64le",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d3c8623f8e58908c2955690a448f7684efb851d0eb32940415cc824cef049416_s390x",
"8Base-RHACM-2.5:rhacm2/node-exporter-rhel8@sha256:d451edefd87f86ddfc042c1216e76e3e6a94cd4375ac3626c3c1dcaca88827d6_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:30c58870faabb47c374b30d98520532e7e053e050daf8bed4a1fb743bf486889_arm64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:69af1060e3e46d6b50e7236dff741d74c2f79b1d6791f5f14079d32caa93adc4_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:7e21e40121c3af549229b0933bfd6e9d0f705fa5285936c489c4df03a0625e71_ppc64le",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8-operator@sha256:d9b626336ef66d09cddd9bf3a18c9bec87ed38c943d482d3e75dce8e35241302_s390x",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:437b4ed4b258e75f44f5637bd5dfae6b84bd6a44546ed658bded0977e0bf1bc9_arm64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:5c81a6e390614069fb163ab03b85f9d97f4fa844e37840bd5506ea146648453b_s390x",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:ddf8516f281d15b217becd9bc79c56ac30bc814ed607a76cd5244d1a270e2efe_amd64",
"8Base-RHACM-2.5:rhacm2/observatorium-rhel8@sha256:e43c7a3af4de5d8933d6d961db25c3d635af7dbb62f9b69bdc72bc0b408e54e8_ppc64le",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:31e9c23c4910f67e4c47a5bc5108e355ad0d10803fc2acb7f8fa26803ef3db47_arm64",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:5136daa52d90cb01f36e9c8893c9258a4d4897da9d643aa55bbe70dd595069fa_amd64",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:a9950fd16ed4c57c8f9d57b7d67b0d799c06c0aa35009bf9ee65b4efe1199621_s390x",
"8Base-RHACM-2.5:rhacm2/prometheus-alertmanager-rhel8@sha256:f3bc894a07da644b30e4f1961e027af4a77f6cae43c31a7f6c7cd7f2f15dbf5a_ppc64le",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:4e89bd8af4de796b1664facfb75472e04f3a100e05a31c465e0fc1632f2d8922_amd64",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:6711573af9580dc36f2b6d1f650c64eaf079095c9afdefacb1483a92c2c5d3bb_s390x",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:7493e261657f796e172d612b11a782802d305a43f08b5a142516d9c49d4fd8ea_arm64",
"8Base-RHACM-2.5:rhacm2/prometheus-rhel8@sha256:df47ccd132cc17cac35d4a597e2d1582d1086754b402b5579f177a54d7e8dec8_ppc64le",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:34d2b9425cf277415a42493a53de6c08d23f5fbec34adfac581e161ef112a751_amd64",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:7a724abe99c4f15328d11c29ab2fd94dbed3771353d5eaf3dabcfab9a929b1ce_ppc64le",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:90a616349526a7b2bfbff5edbb4c5914dbcf0b472ed763966871a92d9996700a_arm64",
"8Base-RHACM-2.5:rhacm2/rbac-query-proxy-rhel8@sha256:e749feb6787bc37d826bbfb6bf7fc78509c31e3cec10b74791ff13f06ec1e519_s390x",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:19bb860788c5157f4cb4dedd6fe29661bc3400708486ed7a0dcbb5e32bc61f68_arm64",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:344d572012f7a894b1c4208e51b3e2b20fc46723972de2431494ce7d86bd7694_s390x",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:97cda65bbc9c9da02d5cb804354ddd5879787dcc0d87e354b20fbb66d0a88c22_amd64",
"8Base-RHACM-2.5:rhacm2/redisgraph-tls-rhel8@sha256:aa4f75dc9257e6244b177efd1b727a6f42639dbaf26d8b1fff6013698548a2fd_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:27709f9b5f7bb83996e8ce92e02e379a9533dc74bf8997c5789676727547c710_arm64",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:442cccd2570283d4b98fd115ca354905121e375560332f1718e790e431caa87a_amd64",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:4515e7dd38daabaddd921e52a73d7c1272dfe2a0ddf21a2a36994f0335af8cb8_s390x",
"8Base-RHACM-2.5:rhacm2/search-aggregator-rhel8@sha256:fa9ca39b3ddb6213daa0350f27f7e2099a728de5aecc031032e688626e754382_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:03996c596cf7360aa4ab3b15e5cbaca13facb7a982ce6fb17e696f3b7711a4fa_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:a2d0e849a731c00405d2ff0d109ba63cde8196525787ac8c454f0a405c994fce_s390x",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:ab64cf0bbd15cef347b302a1933dc88172f5db8f730d758177639c8f869e063c_amd64",
"8Base-RHACM-2.5:rhacm2/search-api-rhel8@sha256:d715956ae4cc984f551480ef4d43337c0ec5db7488c9ebc16d061c5b015e6ecd_arm64",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:616a381b172de928f5460b77ecff39c0c285dc69efe52161755348f9dcf1318e_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:73141807ef57fa62d1f827956d1835bed5e9fe8033fa51429cba6c055fca9cd7_amd64",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:82a4817ed9a8b3040c69b5fc0328a1bdfbc2bddc78229855afc571c36789c531_s390x",
"8Base-RHACM-2.5:rhacm2/search-collector-rhel8@sha256:e30dbde785d8ffd716deeea10c6d08b8bc2a1ef8d3994618dccbd5cd04e18fcb_arm64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:1247fd4ec39b8eabe95101251efe86f5cf3f652e46ab54fe218b9b595dfb0eb2_amd64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:949f045375b480fea4957f5948da59529ddf11b49dd2545763bec570291f6b4b_arm64",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b3fccae0f3e18c5da3622307e020c0e102ddd33e93ccfce67b9dc2e2fd859b87_ppc64le",
"8Base-RHACM-2.5:rhacm2/search-rhel8@sha256:b7e7b0b5651fcd4bfa344c1fff8bb17f4e088a1fa7d5577a983e00817e32310d_s390x",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:11d9f2f0596b78de203b009a208d00dbba55d101b8abf93a1299cfc50b37ec62_arm64",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:148cce1e22e9112eadd38e60af4b5f4b5c483569646e84cf859d17c6b9d37f57_amd64",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:199c50f2e510493dd660739f4acbf831c4855b12927f531d1af6f96c76dba547_ppc64le",
"8Base-RHACM-2.5:rhacm2/submariner-addon-rhel8@sha256:f68201802e6754412c1181f707aed07058ad1e0d4d22b300c89c73de48cfd3f8_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:03e5c4e4dc14a3486ea7e682dea8b0eeb22f7316a309f15de69e85c988c06fd7_amd64",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:12c712adceceb029355b9b4a037bfe66a2a08ce3c6a2ce7793d6d2e9533dc470_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a1ca558db817306610d0282bb2dcd95467478cf986d9eab68d63fcb915a0058e_ppc64le",
"8Base-RHACM-2.5:rhacm2/thanos-receive-controller-rhel8@sha256:a4700bdcda826ff18dc059a2df83f99ef39973e9fbfffff1b4ff8e6182d764ce_arm64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:0c9b23fa9b2fb28fc7a36a80c8a34a525b5f112c4bf956d258c41a2fc731f94d_amd64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:6e68ad16de1a769cfcf47cc06353f53fe9f485132b7756aa38aea0e79ea119f9_arm64",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:71c6820b975b2d516c0848fa3ca6c608069e7ab352335201f1eaa7bf4c7c4554_s390x",
"8Base-RHACM-2.5:rhacm2/thanos-rhel8@sha256:d3a26063213be409de7495218e0f1407280fef45c4cb140c2d1829932c0989d1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
}
]
}
RHSA-2023:2654
Vulnerability from csaf_redhat - Published: 2023-05-09 11:51 - Updated: 2026-07-02 09:03A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
Workaround
|
A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the 'host' header. This issue could allow HTTP response splitting and HTTP header injection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (18.14.2).\n\nSecurity Fix(es):\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* Node.js: OpenSSL error handling issues in nodejs crypto library (CVE-2023-23919)\n\n* Node.js: Fetch API did not protect against CRLF injection in host headers (CVE-2023-23936)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\n* Node.js: Regular Expression Denial of Service in Headers fetch API (CVE-2023-24807)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2654",
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "2172170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172170"
},
{
"category": "external",
"summary": "2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "2178088",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178088"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2654.json"
}
],
"title": "Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-07-02T09:03:01+00:00",
"generator": {
"date": "2026-07-02T09:03:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2023:2654",
"initial_release_date": "2023-05-09T11:51:08+00:00",
"revision_history": [
{
"date": "2023-05-09T11:51:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-09T11:51:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T09:03:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18)",
"product_id": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18)",
"product_id": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18)",
"product_id": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product": {
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18)",
"product_id": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18)",
"product_id": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18)",
"product_id": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@9.5.0-1.18.14.2.2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=aarch64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"product": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src (nodejs:18)",
"product_id": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=src\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"product": {
"name": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src (nodejs:18)",
"product_id": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=src\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"product": {
"name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src (nodejs:18)",
"product_id": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel9.1.0%2B15718%2Be52ec601?arch=src\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"product": {
"name": "nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch (nodejs:18)",
"product_id": "nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=noarch\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"product": {
"name": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch (nodejs:18)",
"product_id": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=noarch\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"product": {
"name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch (nodejs:18)",
"product_id": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel9.1.0%2B15718%2Be52ec601?arch=noarch\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"product": {
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch (nodejs:18)",
"product_id": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-4.module%2Bel9.1.0%2B15718%2Be52ec601?arch=noarch\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18)",
"product_id": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18)",
"product_id": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18)",
"product_id": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product": {
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18)",
"product_id": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18)",
"product_id": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18)",
"product_id": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@9.5.0-1.18.14.2.2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=ppc64le\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18)",
"product_id": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18)",
"product_id": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18)",
"product_id": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product": {
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18)",
"product_id": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18)",
"product_id": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18)",
"product_id": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@9.5.0-1.18.14.2.2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=s390x\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18)",
"product_id": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18)",
"product_id": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18)",
"product_id": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product": {
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18)",
"product_id": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18)",
"product_id": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@18.14.2-2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
},
{
"category": "product_version",
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18)",
"product_id": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@9.5.0-1.18.14.2.2.module%2Bel9.2.0.z%2B18497%2Ba402347c?arch=x86_64\u0026epoch=1\u0026rpmmod=nodejs:18:9020020230327152102:rhel9"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18"
},
"product_reference": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18"
},
"product_reference": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18"
},
"product_reference": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18"
},
"product_reference": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
},
"product_reference": "nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18"
},
"product_reference": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18"
},
"product_reference": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18"
},
"product_reference": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
},
"product_reference": "nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18"
},
"product_reference": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18"
},
"product_reference": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18"
},
"product_reference": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
},
"product_reference": "nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18"
},
"product_reference": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18"
},
"product_reference": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18"
},
"product_reference": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
},
"product_reference": "nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18"
},
"product_reference": "nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18"
},
"product_reference": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18"
},
"product_reference": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18"
},
"product_reference": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
},
"product_reference": "nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18"
},
"product_reference": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18"
},
"product_reference": "nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18"
},
"product_reference": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18"
},
"product_reference": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18"
},
"product_reference": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18"
},
"product_reference": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18"
},
"product_reference": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18"
},
"product_reference": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64 (nodejs:18) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
},
"product_reference": "npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2022-4904",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2023-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "c-ares: buffer overflow in config_sortlist() due to missing string length check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4904"
},
{
"category": "external",
"summary": "RHBZ#2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904"
},
{
"category": "external",
"summary": "https://github.com/c-ares/c-ares/issues/496",
"url": "https://github.com/c-ares/c-ares/issues/496"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "c-ares: buffer overflow in config_sortlist() due to missing string length check"
},
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact of a succesfull exploiation of this vulnerability will only lead to a denial of service of the system,furthermore the exploitation will require an attacker to specifically craft a regular expression patterns in request headers (i.e. nontrivial input) that trigger pathological regex behavior but since most systems will have limits on header sizes or input validation that reduce the risk of triggering the extreme pathological regex cases which is why this has been marked as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
},
{
"cve": "CVE-2023-23918",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2171935"
}
],
"notes": [
{
"category": "description",
"text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Permissions policies can be bypassed via process.mainModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in question can only be triggered by an attacker if the victim has enabled --experimental-policy which in many node.js deployments won\u0027t ,which marks the conditions for exploitability outside of the attacker\u0027s control.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23918"
},
{
"category": "external",
"summary": "RHBZ#2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
},
{
"category": "workaround",
"details": "Turn off the --experimental-policy in your Node.js deployment.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Permissions policies can be bypassed via process.mainModule"
},
{
"cve": "CVE-2023-23919",
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172170"
}
],
"notes": [
{
"category": "description",
"text": "A cryptographic vulnerability exists in Node.js \u003c19.2.0, \u003c18.14.1, \u003c16.19.1, \u003c14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: OpenSSL error handling issues in nodejs crypto library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as moderate by Redhat for several reasons,first and foremost being that in order for the stack to crash,same thread would have to be used by the application which is a complexity outside the hands of attacker because in node.js workloads may be isolated or not happen sequentially on the same thread, reducing exposure,moreover the exploitation might lead to denial of service and poses no threat to confidentiality or integrity of the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23919"
},
{
"category": "external",
"summary": "RHBZ#2172170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: OpenSSL error handling issues in nodejs crypto library"
},
{
"cve": "CVE-2023-23920",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172217"
}
],
"notes": [
{
"category": "description",
"text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23920"
},
{
"category": "external",
"summary": "RHBZ#2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable"
},
{
"cve": "CVE-2023-23936",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the \u0027host\u0027 header. This issue could allow HTTP response splitting and HTTP header injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Fetch API did not protect against CRLF injection in host headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23936"
},
{
"category": "external",
"summary": "RHBZ#2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Fetch API did not protect against CRLF injection in host headers"
},
{
"cve": "CVE-2023-24807",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172204"
}
],
"notes": [
{
"category": "description",
"text": "Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Regular Expression Denial of Service in Headers fetch API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24807"
},
{
"category": "external",
"summary": "RHBZ#2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2654"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-devel-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:18.14.2-2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-2.module+el9.2.0.z+18497+a402347c.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.aarch64::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.ppc64le::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.s390x::nodejs:18",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:9.5.0-1.18.14.2.2.module+el9.2.0.z+18497+a402347c.x86_64::nodejs:18"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: Regular Expression Denial of Service in Headers fetch API"
}
]
}
RHSA-2023:2655
Vulnerability from csaf_redhat - Published: 2023-05-09 11:51 - Updated: 2026-07-02 09:03A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch | — | ||
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src | — |
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch | — | ||
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src | — |
A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch | — |
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src | — |
Workaround
|
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch | — | ||
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src | — |
A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the 'host' header. This issue could allow HTTP response splitting and HTTP header injection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch | — | ||
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src | — |
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch | — | ||
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.19.1), nodejs-nodemon (2.0.20).\n\nSecurity Fix(es):\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* Node.js: Fetch API did not protect against CRLF injection in host headers (CVE-2023-23936)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\n* Node.js: Regular Expression Denial of Service in Headers fetch API (CVE-2023-24807)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2655",
"url": "https://access.redhat.com/errata/RHSA-2023:2655"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "2178076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178076"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2655.json"
}
],
"title": "Red Hat Security Advisory: nodejs and nodejs-nodemon security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-07-02T09:03:03+00:00",
"generator": {
"date": "2026-07-02T09:03:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2023:2655",
"initial_release_date": "2023-05-09T11:51:16+00:00",
"revision_history": [
{
"date": "2023-05-09T11:51:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-09T11:51:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T09:03:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-3.el9_2.src",
"product": {
"name": "nodejs-nodemon-0:2.0.20-3.el9_2.src",
"product_id": "nodejs-nodemon-0:2.0.20-3.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.el9_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.el9_2.src",
"product": {
"name": "nodejs-1:16.19.1-1.el9_2.src",
"product_id": "nodejs-1:16.19.1-1.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.el9_2?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"product_id": "nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.el9_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:16.19.1-1.el9_2.noarch",
"product": {
"name": "nodejs-docs-1:16.19.1-1.el9_2.noarch",
"product_id": "nodejs-docs-1:16.19.1-1.el9_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.19.1-1.el9_2?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.el9_2.aarch64",
"product": {
"name": "nodejs-1:16.19.1-1.el9_2.aarch64",
"product_id": "nodejs-1:16.19.1-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.el9_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"product": {
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"product_id": "nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.19.1-1.el9_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"product": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"product_id": "nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.19.1-1.el9_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"product": {
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"product_id": "npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.3-1.16.19.1.1.el9_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"product_id": "nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.el9_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"product_id": "nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.el9_2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"product": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"product_id": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.19.1-1.el9_2?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.el9_2.ppc64le",
"product": {
"name": "nodejs-1:16.19.1-1.el9_2.ppc64le",
"product_id": "nodejs-1:16.19.1-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.el9_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"product_id": "nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.19.1-1.el9_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"product": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"product_id": "nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.19.1-1.el9_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"product": {
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"product_id": "npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.3-1.16.19.1.1.el9_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"product_id": "nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.el9_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"product_id": "nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.el9_2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"product": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"product_id": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.19.1-1.el9_2?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.el9_2.x86_64",
"product": {
"name": "nodejs-1:16.19.1-1.el9_2.x86_64",
"product_id": "nodejs-1:16.19.1-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.el9_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"product": {
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"product_id": "nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.19.1-1.el9_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"product": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"product_id": "nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.19.1-1.el9_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64",
"product": {
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64",
"product_id": "npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.3-1.16.19.1.1.el9_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"product_id": "nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.el9_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"product_id": "nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.el9_2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"product": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"product_id": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.19.1-1.el9_2?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-libs-1:16.19.1-1.el9_2.i686",
"product": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.i686",
"product_id": "nodejs-libs-1:16.19.1-1.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.19.1-1.el9_2?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"product_id": "nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.el9_2?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"product_id": "nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.el9_2?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"product": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"product_id": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.19.1-1.el9_2?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.el9_2.s390x",
"product": {
"name": "nodejs-1:16.19.1-1.el9_2.s390x",
"product_id": "nodejs-1:16.19.1-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.el9_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"product": {
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"product_id": "nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.19.1-1.el9_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.19.1-1.el9_2.s390x",
"product": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.s390x",
"product_id": "nodejs-libs-1:16.19.1-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.19.1-1.el9_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"product": {
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"product_id": "npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.3-1.16.19.1.1.el9_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"product_id": "nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.el9_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"product_id": "nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.el9_2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"product": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"product_id": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.19.1-1.el9_2?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64"
},
"product_reference": "nodejs-1:16.19.1-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le"
},
"product_reference": "nodejs-1:16.19.1-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x"
},
"product_reference": "nodejs-1:16.19.1-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.el9_2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src"
},
"product_reference": "nodejs-1:16.19.1-1.el9_2.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64"
},
"product_reference": "nodejs-1:16.19.1-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.19.1-1.el9_2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch"
},
"product_reference": "nodejs-docs-1:16.19.1-1.el9_2.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64"
},
"product_reference": "nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x"
},
"product_reference": "nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64"
},
"product_reference": "nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64"
},
"product_reference": "nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686"
},
"product_reference": "nodejs-libs-1:16.19.1-1.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le"
},
"product_reference": "nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x"
},
"product_reference": "nodejs-libs-1:16.19.1-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.19.1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64"
},
"product_reference": "nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64"
},
"product_reference": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686"
},
"product_reference": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le"
},
"product_reference": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x"
},
"product_reference": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64"
},
"product_reference": "nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-3.el9_2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-3.el9_2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
},
"product_reference": "nodejs-nodemon-0:2.0.20-3.el9_2.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64"
},
"product_reference": "npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le"
},
"product_reference": "npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x"
},
"product_reference": "npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
},
"product_reference": "npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2022-4904",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2023-02-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "c-ares: buffer overflow in config_sortlist() due to missing string length check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4904"
},
{
"category": "external",
"summary": "RHBZ#2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904"
},
{
"category": "external",
"summary": "https://github.com/c-ares/c-ares/issues/496",
"url": "https://github.com/c-ares/c-ares/issues/496"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "c-ares: buffer overflow in config_sortlist() due to missing string length check"
},
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact of a succesfull exploiation of this vulnerability will only lead to a denial of service of the system,furthermore the exploitation will require an attacker to specifically craft a regular expression patterns in request headers (i.e. nontrivial input) that trigger pathological regex behavior but since most systems will have limits on header sizes or input validation that reduce the risk of triggering the extreme pathological regex cases which is why this has been marked as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
},
{
"cve": "CVE-2023-23918",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2171935"
}
],
"notes": [
{
"category": "description",
"text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Permissions policies can be bypassed via process.mainModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in question can only be triggered by an attacker if the victim has enabled --experimental-policy which in many node.js deployments won\u0027t ,which marks the conditions for exploitability outside of the attacker\u0027s control.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23918"
},
{
"category": "external",
"summary": "RHBZ#2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2655"
},
{
"category": "workaround",
"details": "Turn off the --experimental-policy in your Node.js deployment.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Permissions policies can be bypassed via process.mainModule"
},
{
"cve": "CVE-2023-23920",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172217"
}
],
"notes": [
{
"category": "description",
"text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23920"
},
{
"category": "external",
"summary": "RHBZ#2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable"
},
{
"cve": "CVE-2023-23936",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the \u0027host\u0027 header. This issue could allow HTTP response splitting and HTTP header injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Fetch API did not protect against CRLF injection in host headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23936"
},
{
"category": "external",
"summary": "RHBZ#2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Fetch API did not protect against CRLF injection in host headers"
},
{
"cve": "CVE-2023-24807",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172204"
}
],
"notes": [
{
"category": "description",
"text": "Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Regular Expression Denial of Service in Headers fetch API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24807"
},
{
"category": "external",
"summary": "RHBZ#2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-09T11:51:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-debugsource-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-docs-1:16.19.1-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.i686",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.19.1-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.20-3.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:npm-1:8.19.3-1.16.19.1.1.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: Regular Expression Denial of Service in Headers fetch API"
}
]
}
RHSA-2023:3815
Vulnerability from csaf_redhat - Published: 2023-06-27 11:28 - Updated: 2026-07-02 09:03A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
A flaw was found in Textformat in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
A flaw was found in the json-pointer package. The affected versions of this package are vulnerable to prototype pollution vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
A flaw was found in GraphQL Java. This issue may allow a malicious user to send a crafted GraphQL query that causes stack consumption, causing a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Service Registry 2.4.3 GA
Red Hat / Red Hat Integration
|
cpe:/a:redhat:service_registry:2.4
|
— |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Integration - Service Registry 2.4.3 GA includes the following security fixes.\n\nSecurity Fix(es):\n\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n\n* jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode (CVE-2021-46877)\n\n* protobuf-java: Textformat parsing issue leads to DoS (CVE-2022-3509)\n\n* protobuf-java: Message-Type Extensions parsing issue leads to DoS (CVE-2022-3510)\n\n* json-pointer: prototype pollution in json-pointer (CVE-2022-4742)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)\n\n* graphql-java: crafted GraphQL query causes stack consumption (CVE-2023-28867)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3815",
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2156333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156333"
},
{
"category": "external",
"summary": "2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "2181977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181977"
},
{
"category": "external",
"summary": "2184161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184161"
},
{
"category": "external",
"summary": "2184176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184176"
},
{
"category": "external",
"summary": "2185707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185707"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3815.json"
}
],
"title": "Red Hat Security Advisory: Service Registry (container images) release and security update [2.4.3 GA]",
"tracking": {
"current_release_date": "2026-07-02T09:03:04+00:00",
"generator": {
"date": "2026-07-02T09:03:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2023:3815",
"initial_release_date": "2023-06-27T11:28:55+00:00",
"revision_history": [
{
"date": "2023-06-27T11:28:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-06-27T11:28:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T09:03:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Service Registry 2.4.3 GA",
"product": {
"name": "RHINT Service Registry 2.4.3 GA",
"product_id": "RHINT Service Registry 2.4.3 GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_registry:2.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46877",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2185707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-46877"
},
{
"category": "external",
"summary": "RHBZ#2185707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-46877",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46877"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-46877",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46877"
}
],
"release_date": "2023-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode"
},
{
"cve": "CVE-2022-3509",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2022-12-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184161"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Textformat in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: Textformat parsing issue leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3509"
},
{
"category": "external",
"summary": "RHBZ#2184161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509"
}
],
"release_date": "2022-12-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: Textformat parsing issue leads to DoS"
},
{
"cve": "CVE-2022-3510",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2022-12-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: Message-Type Extensions parsing issue leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3510"
},
{
"category": "external",
"summary": "RHBZ#2184176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510"
}
],
"release_date": "2022-12-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: Message-Type Extensions parsing issue leads to DoS"
},
{
"cve": "CVE-2022-3782",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-10-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2138971"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: path traversal via double URL encoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not impacted as this CVE affects the server-side Keycloak execution but Quarkus only acts as a Keycloak client in its quarkus-keycloak-authorization extension. For this reason Quarkus is marked with Low impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3782"
},
{
"category": "external",
"summary": "RHBZ#2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3782"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: path traversal via double URL encoding"
},
{
"cve": "CVE-2022-4742",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-pointer package. The affected versions of this package are vulnerable to prototype pollution vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-pointer: prototype pollution in json-pointer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json-pointer is a transitive dependency and is not used directly in any of the Red Hat products. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4742"
},
{
"category": "external",
"summary": "RHBZ#2156333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4742"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4742",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4742"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json-pointer: prototype pollution in json-pointer"
},
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact of a succesfull exploiation of this vulnerability will only lead to a denial of service of the system,furthermore the exploitation will require an attacker to specifically craft a regular expression patterns in request headers (i.e. nontrivial input) that trigger pathological regex behavior but since most systems will have limits on header sizes or input validation that reduce the risk of triggering the extreme pathological regex cases which is why this has been marked as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-45787",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-01-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache James\u0027s Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45787"
},
{
"category": "external",
"summary": "RHBZ#2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45787"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787"
}
],
"release_date": "2023-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider"
},
{
"cve": "CVE-2023-28867",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2181977"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GraphQL Java. This issue may allow a malicious user to send a crafted GraphQL query that causes stack consumption, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql-java: crafted GraphQL query causes stack consumption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.4.3 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28867"
},
{
"category": "external",
"summary": "RHBZ#2181977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181977"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28867"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28867",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28867"
}
],
"release_date": "2023-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-27T11:28:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.4.3 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3815"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.4.3 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "graphql-java: crafted GraphQL query causes stack consumption"
}
]
}
RHSA-2023:5533
Vulnerability from csaf_redhat - Published: 2023-10-09 10:29 - Updated: 2026-07-02 09:03A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the 'host' header. This issue could allow HTTP response splitting and HTTP header injection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
A vulnerability has been discovered in Node.js, where the use of proto in process.mainModule.proto.require() can bypass the policy mechanism and require modules outside of the policy.json definition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
A vulnerability has been identified in the Node.js, where an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
A vulnerability has been identified in the Node.js, where llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
A vulnerability has been identified in the Node.js, where a generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
|
A vulnerability was found in NodeJS. This security issue occurs as the use of Module._load() can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire() can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding() can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') to run arbitrary code outside of the limits defined in a policy.json file.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nodejs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe package has been upgraded to a later upstream version: nodejs (16.20.2).\n\nSecurity Fix(es):\n\n* nodejs: Permissions policies can be bypassed via Module._load (CVE-2023-32002)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* Node.js: Fetch API did not protect against CRLF injection in host headers (CVE-2023-23936)\n\n* nodejs: mainModule.proto bypass experimental policy mechanism (CVE-2023-30581)\n\n* nodejs: process interuption due to invalid Public Key information in x509 certificates (CVE-2023-30588)\n\n* nodejs: HTTP Request Smuggling via Empty headers separated by CR (CVE-2023-30589)\n\n* nodejs: DiffieHellman do not generate keys after setting a private key (CVE-2023-30590)\n\n* nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire() (CVE-2023-32006)\n\n* nodejs: Permissions policies can be bypassed via process.binding (CVE-2023-32559)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\n* Node.js: Regular Expression Denial of Service in Headers fetch API (CVE-2023-24807)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* nodejs: Rebase to the latest Nodejs 16 release [rhel-9] (BZ#2236435, BZ#2178078, BZ#2223335)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5533",
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "2178078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178078"
},
{
"category": "external",
"summary": "2219824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219824"
},
{
"category": "external",
"summary": "2219838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219838"
},
{
"category": "external",
"summary": "2219841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219841"
},
{
"category": "external",
"summary": "2219842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219842"
},
{
"category": "external",
"summary": "2223335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223335"
},
{
"category": "external",
"summary": "2230948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230948"
},
{
"category": "external",
"summary": "2230955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230955"
},
{
"category": "external",
"summary": "2230956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230956"
},
{
"category": "external",
"summary": "2236435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236435"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5533.json"
}
],
"title": "Red Hat Security Advisory: nodejs security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-07-02T09:03:06+00:00",
"generator": {
"date": "2026-07-02T09:03:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2023:5533",
"initial_release_date": "2023-10-09T10:29:45+00:00",
"revision_history": [
{
"date": "2023-10-09T10:29:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-09T10:29:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T09:03:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.20.2-1.el9_0.src",
"product": {
"name": "nodejs-1:16.20.2-1.el9_0.src",
"product_id": "nodejs-1:16.20.2-1.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.20.2-1.el9_0?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.20.2-1.el9_0.aarch64",
"product": {
"name": "nodejs-1:16.20.2-1.el9_0.aarch64",
"product_id": "nodejs-1:16.20.2-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.20.2-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"product": {
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"product_id": "nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.20.2-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"product": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"product_id": "nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.20.2-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"product": {
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"product_id": "npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.4-1.16.20.2.1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"product": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"product_id": "nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.20.2-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"product": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"product_id": "nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.20.2-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"product": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"product_id": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.20.2-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.20.2-1.el9_0.ppc64le",
"product": {
"name": "nodejs-1:16.20.2-1.el9_0.ppc64le",
"product_id": "nodejs-1:16.20.2-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.20.2-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"product_id": "nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.20.2-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"product": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"product_id": "nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.20.2-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"product": {
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"product_id": "npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.4-1.16.20.2.1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"product": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"product_id": "nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.20.2-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"product_id": "nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.20.2-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"product": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"product_id": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.20.2-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.20.2-1.el9_0.x86_64",
"product": {
"name": "nodejs-1:16.20.2-1.el9_0.x86_64",
"product_id": "nodejs-1:16.20.2-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.20.2-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"product": {
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"product_id": "nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.20.2-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"product": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"product_id": "nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.20.2-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64",
"product": {
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64",
"product_id": "npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.4-1.16.20.2.1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"product": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"product_id": "nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.20.2-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"product": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"product_id": "nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.20.2-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"product": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"product_id": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.20.2-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-libs-1:16.20.2-1.el9_0.i686",
"product": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.i686",
"product_id": "nodejs-libs-1:16.20.2-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.20.2-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"product": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"product_id": "nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.20.2-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"product": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"product_id": "nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.20.2-1.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"product": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"product_id": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.20.2-1.el9_0?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.20.2-1.el9_0.s390x",
"product": {
"name": "nodejs-1:16.20.2-1.el9_0.s390x",
"product_id": "nodejs-1:16.20.2-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.20.2-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"product": {
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"product_id": "nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.20.2-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-1:16.20.2-1.el9_0.s390x",
"product": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.s390x",
"product_id": "nodejs-libs-1:16.20.2-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs@16.20.2-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"product": {
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"product_id": "npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.4-1.16.20.2.1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"product": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"product_id": "nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.20.2-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"product": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"product_id": "nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.20.2-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"product": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"product_id": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.20.2-1.el9_0?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-docs-1:16.20.2-1.el9_0.noarch",
"product": {
"name": "nodejs-docs-1:16.20.2-1.el9_0.noarch",
"product_id": "nodejs-docs-1:16.20.2-1.el9_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.20.2-1.el9_0?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.20.2-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64"
},
"product_reference": "nodejs-1:16.20.2-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.20.2-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le"
},
"product_reference": "nodejs-1:16.20.2-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.20.2-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x"
},
"product_reference": "nodejs-1:16.20.2-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.20.2-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src"
},
"product_reference": "nodejs-1:16.20.2-1.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.20.2-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64"
},
"product_reference": "nodejs-1:16.20.2-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64"
},
"product_reference": "nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686"
},
"product_reference": "nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x"
},
"product_reference": "nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64"
},
"product_reference": "nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64"
},
"product_reference": "nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686"
},
"product_reference": "nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le"
},
"product_reference": "nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x"
},
"product_reference": "nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.20.2-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64"
},
"product_reference": "nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.20.2-1.el9_0.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch"
},
"product_reference": "nodejs-docs-1:16.20.2-1.el9_0.noarch",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64"
},
"product_reference": "nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x"
},
"product_reference": "nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64"
},
"product_reference": "nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64"
},
"product_reference": "nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686"
},
"product_reference": "nodejs-libs-1:16.20.2-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le"
},
"product_reference": "nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x"
},
"product_reference": "nodejs-libs-1:16.20.2-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-1:16.20.2-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64"
},
"product_reference": "nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64"
},
"product_reference": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686"
},
"product_reference": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le"
},
"product_reference": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x"
},
"product_reference": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64"
},
"product_reference": "nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64"
},
"product_reference": "npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le"
},
"product_reference": "npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x"
},
"product_reference": "npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
},
"product_reference": "npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4904",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2023-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "c-ares: buffer overflow in config_sortlist() due to missing string length check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4904"
},
{
"category": "external",
"summary": "RHBZ#2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904"
},
{
"category": "external",
"summary": "https://github.com/c-ares/c-ares/issues/496",
"url": "https://github.com/c-ares/c-ares/issues/496"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "c-ares: buffer overflow in config_sortlist() due to missing string length check"
},
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact of a succesfull exploiation of this vulnerability will only lead to a denial of service of the system,furthermore the exploitation will require an attacker to specifically craft a regular expression patterns in request headers (i.e. nontrivial input) that trigger pathological regex behavior but since most systems will have limits on header sizes or input validation that reduce the risk of triggering the extreme pathological regex cases which is why this has been marked as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
},
{
"cve": "CVE-2023-23920",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172217"
}
],
"notes": [
{
"category": "description",
"text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23920"
},
{
"category": "external",
"summary": "RHBZ#2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable"
},
{
"cve": "CVE-2023-23936",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the \u0027host\u0027 header. This issue could allow HTTP response splitting and HTTP header injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Fetch API did not protect against CRLF injection in host headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23936"
},
{
"category": "external",
"summary": "RHBZ#2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Fetch API did not protect against CRLF injection in host headers"
},
{
"cve": "CVE-2023-24807",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172204"
}
],
"notes": [
{
"category": "description",
"text": "Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Regular Expression Denial of Service in Headers fetch API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24807"
},
{
"category": "external",
"summary": "RHBZ#2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: Regular Expression Denial of Service in Headers fetch API"
},
{
"cve": "CVE-2023-30581",
"discovery_date": "2023-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219824"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been discovered in Node.js, where the use of proto in process.mainModule.proto.require() can bypass the policy mechanism and require modules outside of the policy.json definition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: mainModule.proto bypass experimental policy mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an IMPORTANT severity because this vulnerability is a policy bypass resulting from the improper handling of the JavaScript prototype chain. A malicious actor can trigger this flaw by using process.mainModule.__proto__.require() to load and execute modules explicitly disallowed by the policy.json configuration.\n\nSuccessful exploitation allows for the execution of unauthorized code within the context of the application process, leading to a compromise of system integrity.\n\nAt the time of this CVE\u0027s disclosure, the affected policy mechanism was designated as an experimental feature.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-30581"
},
{
"category": "external",
"summary": "RHBZ#2219824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-30581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-30581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30581"
}
],
"release_date": "2023-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs: mainModule.proto bypass experimental policy mechanism"
},
{
"cve": "CVE-2023-30588",
"discovery_date": "2023-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219838"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the Node.js, where an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: process interuption due to invalid Public Key information in x509 certificates",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-30588"
},
{
"category": "external",
"summary": "RHBZ#2219838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219838"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-30588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-30588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30588"
}
],
"release_date": "2023-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: process interuption due to invalid Public Key information in x509 certificates"
},
{
"cve": "CVE-2023-30589",
"discovery_date": "2023-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219841"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the Node.js, where llhttp parser in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP Request Smuggling via Empty headers separated by CR",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability is in the llhttp parsing not using the CRLF sequence which violates the HTTP/1.1 specification, which mandates CRLF as the delimiter. While this might result in request smuggling, the added complexity of creating a valid malformed delimited request and having it reach the intended target and then processed,which is why this has been rated as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-30589"
},
{
"category": "external",
"summary": "RHBZ#2219841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219841"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-30589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-30589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30589"
}
],
"release_date": "2023-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP Request Smuggling via Empty headers separated by CR"
},
{
"cve": "CVE-2023-30590",
"discovery_date": "2023-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219842"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in the Node.js, where a generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: DiffieHellman do not generate keys after setting a private key",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The generateKeys() API function returned from crypto.createDiffieHellman() in Node.js does not behave as documented as the documentation states that the function \u201cgenerates private and public Diffie-Hellman key values.\u201d However, the actual implementation only generates a private key if one has not yet been set, and does not recompute or regenerate the public key if the private key was previously defined using setPrivateKey(), which is why this could only in theory, result in weak or predictable shared secrets. The issue at hand is a developer facing hazard caused by a mismatch in the documentation and application of the function, and is not in itself a security vulnerability, which is why Redhat has assessed this as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-30590"
},
{
"category": "external",
"summary": "RHBZ#2219842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219842"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-30590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-30590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30590"
}
],
"release_date": "2023-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: DiffieHellman do not generate keys after setting a private key"
},
{
"cve": "CVE-2023-32002",
"cwe": {
"id": "CWE-807",
"name": "Reliance on Untrusted Inputs in a Security Decision"
},
"discovery_date": "2023-08-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230948"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS. This security issue occurs as the use of Module._load() can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Permissions policies can be bypassed via Module._load",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important instead of Critical because it only impacts users of the policy mechanism that must be explicitly enabled using the `--experimental-policy` flag. This is not enabled by default.\n\nRed Hat\u0027s Secure Software Development Life Cycle utilizes a layered testing approach. This significantly increases attack complexity, because a compromised package must remain undetected for months to years in testing in upstream communities before it could be adopted into a Red Hat product. This long dwell-time reduces impact to Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-32002"
},
{
"category": "external",
"summary": "RHBZ#2230948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230948"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-32002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32002"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-be-bypassed-via-module_load-highcve-2023-32002",
"url": "https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-be-bypassed-via-module_load-highcve-2023-32002"
}
],
"release_date": "2023-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs: Permissions policies can be bypassed via Module._load"
},
{
"cve": "CVE-2023-32006",
"cwe": {
"id": "CWE-213",
"name": "Exposure of Sensitive Information Due to Incompatible Policies"
},
"discovery_date": "2023-08-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230955"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire() can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-32006"
},
{
"category": "external",
"summary": "RHBZ#2230955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230955"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-32006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-32006",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32006"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-impersonate-other-modules-in-using-moduleconstructorcreaterequire-mediumcve-2023-32006",
"url": "https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-impersonate-other-modules-in-using-moduleconstructorcreaterequire-mediumcve-2023-32006"
}
],
"release_date": "2023-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()"
},
{
"cve": "CVE-2023-32559",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2023-08-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230956"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding() can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding(\u0027spawn_sync\u0027) to run arbitrary code outside of the limits defined in a policy.json file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: Permissions policies can be bypassed via process.binding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "When this CVE was reported, the policy.json file was still experimental in nature and not deployed and widely in environments,which is why at the time when this CVE was submitted,Redhat chose to classify this as moderare.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-32559"
},
{
"category": "external",
"summary": "RHBZ#2230956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-32559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-32559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32559"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-be-bypassed-via-processbinding-mediumcve-2023-32559",
"url": "https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-be-bypassed-via-processbinding-mediumcve-2023-32559"
}
],
"release_date": "2023-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-09T10:29:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5533"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.src",
"AppStream-9.0.0.Z.EUS:nodejs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-debugsource-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-docs-1:16.20.2-1.el9_0.noarch",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-full-i18n-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.i686",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:nodejs-libs-debuginfo-1:16.20.2-1.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:npm-1:8.19.4-1.16.20.2.1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: Permissions policies can be bypassed via process.binding"
}
]
}
RHSA-2023_1428
Vulnerability from csaf_redhat - Published: 2023-03-23 02:16 - Updated: 2024-12-17 23:02A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 | — |
A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 | — |
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 | — |
A flaw was found in ua-parser-js. This issue could allow a malicious user to trigger a regular expression denial of service (ReDoS) via the trim() function.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 | — |
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 | — |
A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 | — |
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 | — |
A flaw was found in the JSZip package. Affected versions of JSZip could allow a remote attacker to traverse directories on the system caused by the failure to sanitize filenames when files are loaded with `loadAsync`, which makes the library vulnerable to a Zip Slip attack. By extracting files from a specially crafted archive, an attacker could gain access to parts of the file system outside of the target folder, overwrite the executable files, and execute arbitrary commands on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.7.8 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es):\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* gin: Unsanitized input in the default logger in github.com/gin-gonic/gin (CVE-2020-36567)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* ua-parser-js: ReDoS vulnerability via the trim() function (CVE-2022-25927)\n\n* loader-utils: Regular expression denial of service (CVE-2022-37603)\n\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n\n* jszip: directory traversal via a crafted ZIP archive (CVE-2022-48285)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* The velero image cannot be overridden in the operator (BZ#2143389)\n\n* Adding a MigCluster from UI fails when the domain name has characters more than 6 (BZ#2152149)\n\n* UI fails to render the \u0027migrations\u0027 page: \"Cannot read properties of undefined (reading \u0027name\u0027)\" (BZ#2163485)\n\n* Creating DPA resource fails on OCP 4.6 clusters (BZ#2173742)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1428",
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2143389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143389"
},
{
"category": "external",
"summary": "2150323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323"
},
{
"category": "external",
"summary": "2152149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152149"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156683"
},
{
"category": "external",
"summary": "2163485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163485"
},
{
"category": "external",
"summary": "2165020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165020"
},
{
"category": "external",
"summary": "2165797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165797"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "2173742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173742"
},
{
"category": "external",
"summary": "MIG-1298",
"url": "https://issues.redhat.com/browse/MIG-1298"
},
{
"category": "external",
"summary": "MIG-1315",
"url": "https://issues.redhat.com/browse/MIG-1315"
},
{
"category": "external",
"summary": "MIG-1318",
"url": "https://issues.redhat.com/browse/MIG-1318"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1428.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.8 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-17T23:02:41+00:00",
"generator": {
"date": "2024-12-17T23:02:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1428",
"initial_release_date": "2023-03-23T02:16:09+00:00",
"revision_history": [
{
"date": "2023-03-23T02:16:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-23T02:16:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:02:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.7",
"product": {
"name": "8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.7.8-6"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"product": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"product_id": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"product": {
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"product_id": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-legacy-rhel8-operator\u0026tag=v1.7.8-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"product": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.7.8-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.7.8-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.7.8-5"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"product_id": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-rhel8\u0026tag=v1.7.8-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-aws-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8\u0026tag=v1.7.8-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"product_id": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-restic-restore-helper-rhel8\u0026tag=v1.7.8-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64",
"product": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64",
"product_id": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-velero-plugin-rhel8\u0026tag=v1.7.8-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64"
},
"product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64"
},
"product_reference": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64"
},
"product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 as a component of 8Base-RHMTC-1.7",
"product_id": "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
},
"product_reference": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36567",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2022-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156683"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gin: Unsanitized input in the default logger in github.com/gin-gonic/gin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36567"
},
{
"category": "external",
"summary": "RHBZ#2156683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36567",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36567"
},
{
"category": "external",
"summary": "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d",
"url": "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d"
},
{
"category": "external",
"summary": "https://github.com/gin-gonic/gin/pull/2237",
"url": "https://github.com/gin-gonic/gin/pull/2237"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2020-0001",
"url": "https://pkg.go.dev/vuln/GO-2020-0001"
}
],
"release_date": "2022-12-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-23T02:16:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gin: Unsanitized input in the default logger in github.com/gin-gonic/gin"
},
{
"cve": "CVE-2022-24999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150323"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: \"qs\" prototype poisoning causes the hang of the node process",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24999"
},
{
"category": "external",
"summary": "RHBZ#2150323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/releases/tag/4.17.3",
"url": "https://github.com/expressjs/express/releases/tag/4.17.3"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/pull/428",
"url": "https://github.com/ljharb/qs/pull/428"
},
{
"category": "external",
"summary": "https://github.com/n8tz/CVE-2022-24999",
"url": "https://github.com/n8tz/CVE-2022-24999"
}
],
"release_date": "2022-11-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-23T02:16:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: \"qs\" prototype poisoning causes the hang of the node process"
},
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-23T02:16:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
},
{
"cve": "CVE-2022-25927",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ua-parser-js. This issue could allow a malicious user to trigger a regular expression denial of service (ReDoS) via the trim() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ua-parser-js: ReDoS vulnerability via the trim() function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25927"
},
{
"category": "external",
"summary": "RHBZ#2165020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25927",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25927"
}
],
"release_date": "2023-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-23T02:16:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ua-parser-js: ReDoS vulnerability via the trim() function"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-23T02:16:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170644"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "decode-uri-component: improper input validation resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38900"
},
{
"category": "external",
"summary": "RHBZ#2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900"
},
{
"category": "external",
"summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5",
"url": "https://github.com/SamVerschueren/decode-uri-component/issues/5"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq",
"url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-23T02:16:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "decode-uri-component: improper input validation resulting in DoS"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-23T02:16:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-48285",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165797"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JSZip package. Affected versions of JSZip could allow a remote attacker to traverse directories on the system caused by the failure to sanitize filenames when files are loaded with `loadAsync`, which makes the library vulnerable to a Zip Slip attack. By extracting files from a specially crafted archive, an attacker could gain access to parts of the file system outside of the target folder, overwrite the executable files, and execute arbitrary commands on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jszip: directory traversal via a crafted ZIP archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-48285"
},
{
"category": "external",
"summary": "RHBZ#2165797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165797"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-48285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48285"
},
{
"category": "external",
"summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244499",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244499"
},
{
"category": "external",
"summary": "https://github.com/Stuk/jszip/commit/2edab366119c9ee948357c02f1206c28566cdf15",
"url": "https://github.com/Stuk/jszip/commit/2edab366119c9ee948357c02f1206c28566cdf15"
},
{
"category": "external",
"summary": "https://github.com/Stuk/jszip/compare/v3.7.1...v3.8.0",
"url": "https://github.com/Stuk/jszip/compare/v3.7.1...v3.8.0"
},
{
"category": "external",
"summary": "https://www.mend.io/vulnerability-database/WS-2023-0004",
"url": "https://www.mend.io/vulnerability-database/WS-2023-0004"
}
],
"release_date": "2023-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-23T02:16:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64",
"8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jszip: directory traversal via a crafted ZIP archive"
}
]
}
RHSA-2023_1533
Vulnerability from csaf_redhat - Published: 2023-03-30 13:06 - Updated: 2024-12-17 23:02A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the HTTP module in Node.js does not correctly handle header fields that are not terminated with CLRF. This issue may result in HTTP Request Smuggling. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.21.3).\n\nSecurity Fix(es):\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1533",
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2130518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518"
},
{
"category": "external",
"summary": "2134609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609"
},
{
"category": "external",
"summary": "2140911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911"
},
{
"category": "external",
"summary": "2142823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142823"
},
{
"category": "external",
"summary": "2150323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "2175828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175828"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1533.json"
}
],
"title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-17T23:02:26+00:00",
"generator": {
"date": "2024-12-17T23:02:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1533",
"initial_release_date": "2023-03-30T13:06:07+00:00",
"revision_history": [
{
"date": "2023-03-30T13:06:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-30T13:06:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:02:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs:14:8040020230306170312:522a0ee4",
"product": {
"name": "nodejs:14:8040020230306170312:522a0ee4",
"product_id": "nodejs:14:8040020230306170312:522a0ee4",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/nodejs@14:8040020230306170312:522a0ee4"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"product": {
"name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"product_id": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"product": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"product": {
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product": {
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product": {
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product": {
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product": {
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64",
"product": {
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product": {
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product": {
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product": {
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product": {
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"product": {
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product": {
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product": {
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product": {
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product": {
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product": {
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product": {
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product": {
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"product": {
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
"product_reference": "nodejs:14:8040020230306170312:522a0ee4",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64"
},
"product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le"
},
"product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x"
},
"product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src"
},
"product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64"
},
"product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64"
},
"product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x"
},
"product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64"
},
"product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64"
},
"product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le"
},
"product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x"
},
"product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64"
},
"product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64"
},
"product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le"
},
"product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x"
},
"product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64"
},
"product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch"
},
"product_reference": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64"
},
"product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x"
},
"product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64"
},
"product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src"
},
"product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src"
},
"product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64"
},
"product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le"
},
"product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x"
},
"product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
},
"product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"cve": "CVE-2022-3517",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-06-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134609"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-minimatch: ReDoS via the braceExpand function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3517"
},
{
"category": "external",
"summary": "RHBZ#2134609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517"
}
],
"release_date": "2022-02-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-minimatch: ReDoS via the braceExpand function"
},
{
"cve": "CVE-2022-4904",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "c-ares: buffer overflow in config_sortlist() due to missing string length check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4904"
},
{
"category": "external",
"summary": "RHBZ#2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904"
},
{
"category": "external",
"summary": "https://github.com/c-ares/c-ares/issues/496",
"url": "https://github.com/c-ares/c-ares/issues/496"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "c-ares: buffer overflow in config_sortlist() due to missing string length check"
},
{
"cve": "CVE-2022-24999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150323"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: \"qs\" prototype poisoning causes the hang of the node process",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24999"
},
{
"category": "external",
"summary": "RHBZ#2150323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/releases/tag/4.17.3",
"url": "https://github.com/expressjs/express/releases/tag/4.17.3"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/pull/428",
"url": "https://github.com/ljharb/qs/pull/428"
},
{
"category": "external",
"summary": "https://github.com/n8tz/CVE-2022-24999",
"url": "https://github.com/n8tz/CVE-2022-24999"
}
],
"release_date": "2022-11-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: \"qs\" prototype poisoning causes the hang of the node process"
},
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
},
{
"acknowledgments": [
{
"names": [
"VVX7"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-35256",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-09-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2130518"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the HTTP module in Node.js does not correctly handle header fields that are not terminated with CLRF. This issue may result in HTTP Request Smuggling. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-35256"
},
{
"category": "external",
"summary": "RHBZ#2130518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-35256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35256"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256",
"url": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256"
}
],
"release_date": "2022-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields"
},
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170644"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "decode-uri-component: improper input validation resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38900"
},
{
"category": "external",
"summary": "RHBZ#2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900"
},
{
"category": "external",
"summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5",
"url": "https://github.com/SamVerschueren/decode-uri-component/issues/5"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq",
"url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "decode-uri-component: improper input validation resulting in DoS"
},
{
"cve": "CVE-2022-43548",
"cwe": {
"id": "CWE-350",
"name": "Reliance on Reverse DNS Resolution for a Security-Critical Action"
},
"discovery_date": "2022-11-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140911"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: DNS rebinding in inspect via invalid octal IP address",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43548"
},
{
"category": "external",
"summary": "RHBZ#2140911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548",
"url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548"
}
],
"release_date": "2022-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: DNS rebinding in inspect via invalid octal IP address"
},
{
"cve": "CVE-2023-23918",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2171935"
}
],
"notes": [
{
"category": "description",
"text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Permissions policies can be bypassed via process.mainModule",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23918"
},
{
"category": "external",
"summary": "RHBZ#2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Permissions policies can be bypassed via process.mainModule"
},
{
"cve": "CVE-2023-23920",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172217"
}
],
"notes": [
{
"category": "description",
"text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23920"
},
{
"category": "external",
"summary": "RHBZ#2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-30T13:06:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x",
"AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable"
}
]
}
RHSA-2023_1582
Vulnerability from csaf_redhat - Published: 2023-04-04 09:57 - Updated: 2024-12-16 07:30A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the 'host' header. This issue could allow HTTP response splitting and HTTP header injection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.19.1).\n\nSecurity Fix(es):\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* Node.js: OpenSSL error handling issues in nodejs crypto library (CVE-2023-23919)\n\n* Node.js: Fetch API did not protect against CRLF injection in host headers (CVE-2023-23936)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\n* Node.js: Regular Expression Denial of Service in Headers fetch API (CVE-2023-24807)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1582",
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "2172170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172170"
},
{
"category": "external",
"summary": "2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "2178142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178142"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1582.json"
}
],
"title": "Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-16T07:30:14+00:00",
"generator": {
"date": "2024-12-16T07:30:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1582",
"initial_release_date": "2023-04-04T09:57:16+00:00",
"revision_history": [
{
"date": "2023-04-04T09:57:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-04-04T09:57:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T07:30:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs:16:8070020230314140722:bd1311ed",
"product": {
"name": "nodejs:16:8070020230314140722:bd1311ed",
"product_id": "nodejs:16:8070020230314140722:bd1311ed",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/nodejs@16:8070020230314140722:bd1311ed"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"product": {
"name": "nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"product_id": "nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.7.0%2B18373%2B704f5cef?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"product": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"product_id": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"product": {
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.7.0%2B18373%2B704f5cef?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_id": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_id": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_id": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product": {
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_id": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product": {
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_id": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64",
"product": {
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64",
"product_id": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.3-1.16.19.1.1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_id": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_id": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_id": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product": {
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_id": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product": {
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_id": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"product": {
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"product_id": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.3-1.16.19.1.1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_id": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_id": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_id": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product": {
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_id": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_id": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"product": {
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_id": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.3-1.16.19.1.1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_id": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product": {
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_id": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product": {
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_id": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product": {
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_id": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product": {
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_id": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@16.19.1-1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"product": {
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"product_id": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@8.19.3-1.16.19.1.1.module%2Bel8.7.0%2B18373%2B704f5cef?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
"product_reference": "nodejs:16:8070020230314140722:bd1311ed",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64"
},
"product_reference": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le"
},
"product_reference": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x"
},
"product_reference": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src"
},
"product_reference": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64"
},
"product_reference": "nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64"
},
"product_reference": "nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64"
},
"product_reference": "nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64"
},
"product_reference": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le"
},
"product_reference": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x"
},
"product_reference": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64"
},
"product_reference": "nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch"
},
"product_reference": "nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64"
},
"product_reference": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x"
},
"product_reference": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64"
},
"product_reference": "nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src"
},
"product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src"
},
"product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64"
},
"product_reference": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le"
},
"product_reference": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x"
},
"product_reference": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64 as a component of nodejs:16:8070020230314140722:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
},
"product_reference": "npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:57:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2022-4904",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "c-ares: buffer overflow in config_sortlist() due to missing string length check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4904"
},
{
"category": "external",
"summary": "RHBZ#2168631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904"
},
{
"category": "external",
"summary": "https://github.com/c-ares/c-ares/issues/496",
"url": "https://github.com/c-ares/c-ares/issues/496"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:57:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "c-ares: buffer overflow in config_sortlist() due to missing string length check"
},
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:57:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
},
{
"cve": "CVE-2023-23918",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2171935"
}
],
"notes": [
{
"category": "description",
"text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Permissions policies can be bypassed via process.mainModule",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23918"
},
{
"category": "external",
"summary": "RHBZ#2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:57:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Permissions policies can be bypassed via process.mainModule"
},
{
"cve": "CVE-2023-23919",
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172170"
}
],
"notes": [
{
"category": "description",
"text": "A cryptographic vulnerability exists in Node.js \u003c19.2.0, \u003c18.14.1, \u003c16.19.1, \u003c14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: OpenSSL error handling issues in nodejs crypto library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23919"
},
{
"category": "external",
"summary": "RHBZ#2172170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:57:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: OpenSSL error handling issues in nodejs crypto library"
},
{
"cve": "CVE-2023-23920",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172217"
}
],
"notes": [
{
"category": "description",
"text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23920"
},
{
"category": "external",
"summary": "RHBZ#2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:57:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable"
},
{
"cve": "CVE-2023-23936",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the \u0027host\u0027 header. This issue could allow HTTP response splitting and HTTP header injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Fetch API did not protect against CRLF injection in host headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23936"
},
{
"category": "external",
"summary": "RHBZ#2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:57:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Fetch API did not protect against CRLF injection in host headers"
},
{
"cve": "CVE-2023-24807",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172204"
}
],
"notes": [
{
"category": "description",
"text": "Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Regular Expression Denial of Service in Headers fetch API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24807"
},
{
"category": "external",
"summary": "RHBZ#2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:57:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1582"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debuginfo-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-debugsource-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-devel-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-docs-1:16.19.1-1.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-full-i18n-1:16.19.1-1.module+el8.7.0+18373+704f5cef.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18373+704f5cef.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:16:8070020230314140722:bd1311ed:npm-1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: Regular Expression Denial of Service in Headers fetch API"
}
]
}
RHSA-2023_1583
Vulnerability from csaf_redhat - Published: 2023-04-04 09:59 - Updated: 2024-12-16 07:30A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the 'host' header. This issue could allow HTTP response splitting and HTTP header injection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (18.14.2).\n\nSecurity Fix(es):\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* Node.js: Fetch API did not protect against CRLF injection in host headers (CVE-2023-23936)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\n* Node.js: Regular Expression Denial of Service in Headers fetch API (CVE-2023-24807)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1583",
"url": "https://access.redhat.com/errata/RHSA-2023:1583"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "2178087",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178087"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1583.json"
}
],
"title": "Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-16T07:30:24+00:00",
"generator": {
"date": "2024-12-16T07:30:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1583",
"initial_release_date": "2023-04-04T09:59:44+00:00",
"revision_history": [
{
"date": "2023-04-04T09:59:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-04-04T09:59:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T07:30:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs:18:8070020230322080930:bd1311ed",
"product": {
"name": "nodejs:18:8070020230322080930:bd1311ed",
"product_id": "nodejs:18:8070020230322080930:bd1311ed",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/nodejs@18:8070020230322080930:bd1311ed"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"product": {
"name": "nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"product_id": "nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"product": {
"name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"product_id": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"product": {
"name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"product_id": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel8.7.0%2B15582%2B19c314fa?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"product": {
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"product_id": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-4.module%2Bel8.7.0%2B15582%2B19c314fa?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"product": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"product_id": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"product": {
"name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"product_id": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"product": {
"name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"product_id": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel8.7.0%2B15582%2B19c314fa?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_id": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_id": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_id": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product": {
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_id": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_id": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64",
"product": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_id": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@9.5.0-1.18.14.2.2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_id": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_id": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_id": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product": {
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_id": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_id": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"product": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"product_id": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@9.5.0-1.18.14.2.2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_id": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_id": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_id": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product": {
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_id": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_id": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_id": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@9.5.0-1.18.14.2.2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_id": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_id": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_id": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product": {
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_id": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_id": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@18.14.2-2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"product": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_id": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@9.5.0-1.18.14.2.2.module%2Bel8.7.0%2B18445%2B9493b6ea?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
"product_reference": "nodejs:18:8070020230322080930:bd1311ed",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64"
},
"product_reference": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le"
},
"product_reference": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x"
},
"product_reference": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src"
},
"product_reference": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64"
},
"product_reference": "nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64"
},
"product_reference": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x"
},
"product_reference": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64"
},
"product_reference": "nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64"
},
"product_reference": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le"
},
"product_reference": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x"
},
"product_reference": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64"
},
"product_reference": "nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64"
},
"product_reference": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le"
},
"product_reference": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x"
},
"product_reference": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64"
},
"product_reference": "nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch"
},
"product_reference": "nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64"
},
"product_reference": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x"
},
"product_reference": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64"
},
"product_reference": "nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch"
},
"product_reference": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src"
},
"product_reference": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch"
},
"product_reference": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src"
},
"product_reference": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch"
},
"product_reference": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64"
},
"product_reference": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le"
},
"product_reference": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x"
},
"product_reference": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64 as a component of nodejs:18:8070020230322080930:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
},
"product_reference": "npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:59:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1583"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2022-25881",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165824"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25881"
},
{
"category": "external",
"summary": "RHBZ#2165824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:59:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1583"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability"
},
{
"cve": "CVE-2023-23918",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2171935"
}
],
"notes": [
{
"category": "description",
"text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Permissions policies can be bypassed via process.mainModule",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23918"
},
{
"category": "external",
"summary": "RHBZ#2171935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:59:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1583"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Permissions policies can be bypassed via process.mainModule"
},
{
"cve": "CVE-2023-23919",
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172170"
}
],
"notes": [
{
"category": "description",
"text": "A cryptographic vulnerability exists in Node.js \u003c19.2.0, \u003c18.14.1, \u003c16.19.1, \u003c14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: OpenSSL error handling issues in nodejs crypto library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23919"
},
{
"category": "external",
"summary": "RHBZ#2172170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23919"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:59:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1583"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: OpenSSL error handling issues in nodejs crypto library"
},
{
"cve": "CVE-2023-23920",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172217"
}
],
"notes": [
{
"category": "description",
"text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23920"
},
{
"category": "external",
"summary": "RHBZ#2172217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:59:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1583"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable"
},
{
"cve": "CVE-2023-23936",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the \u0027host\u0027 header. This issue could allow HTTP response splitting and HTTP header injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Fetch API did not protect against CRLF injection in host headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23936"
},
{
"category": "external",
"summary": "RHBZ#2172190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23936"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:59:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1583"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Node.js: Fetch API did not protect against CRLF injection in host headers"
},
{
"cve": "CVE-2023-24807",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172204"
}
],
"notes": [
{
"category": "description",
"text": "Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Node.js: Regular Expression Denial of Service in Headers fetch API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24807"
},
{
"category": "external",
"summary": "RHBZ#2172204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24807"
}
],
"release_date": "2023-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-04T09:59:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1583"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debuginfo-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-debugsource-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-devel-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-docs-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-full-i18n-1:18.14.2-2.module+el8.7.0+18445+9493b6ea.x86_64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+18445+9493b6ea.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.aarch64",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.ppc64le",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.s390x",
"AppStream-8.7.0.Z.MAIN:nodejs:18:8070020230322080930:bd1311ed:npm-1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Node.js: Regular Expression Denial of Service in Headers fetch API"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.