Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-25883 (GCVE-0-2022-25883)
Vulnerability from cvelistv5 – Published: 2023-06-21 05:00 – Updated: 2024-12-06 16:55
VLAI
EPSS
Summary
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
Severity
5.3 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
7 references
Credits
Alessio Della Libera - Snyk Research Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-10-25T13:07:28.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/npm/node-semver/pull/564"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"
},
{
"url": "https://security.netapp.com/advisory/ntap-20241025-0004/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25883",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T16:54:52.064322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333 Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T16:55:09.228Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "semver",
"vendor": "n/a",
"versions": [
{
"lessThan": "7.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alessio Della Libera - Snyk Research Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\r\r\r"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "Regular Expression Denial of Service (ReDoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-21T05:00:03.352Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
},
{
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160"
},
{
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138"
},
{
"url": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104"
},
{
"url": "https://github.com/npm/node-semver/pull/564"
},
{
"url": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25883",
"datePublished": "2023-06-21T05:00:03.352Z",
"dateReserved": "2022-02-24T11:58:25.192Z",
"dateUpdated": "2024-12-06T16:55:09.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-25883",
"date": "2026-06-06",
"epss": "0.00598",
"percentile": "0.69821"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*\", \"versionEndExcluding\": \"5.7.2\", \"matchCriteriaId\": \"3DBCA81E-C65B-40E4-8274-83F6B4F07217\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndExcluding\": \"6.3.1\", \"matchCriteriaId\": \"E9EE5F81-D456-411C-8E1F-9D0D555B6FEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*\", \"versionStartIncluding\": \"7.0.0\", \"versionEndExcluding\": \"7.5.2\", \"matchCriteriaId\": \"93EADF33-E83B-43EA-83CF-BC13AA5393EE\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\\r\\r\\r\"}]",
"id": "CVE-2022-25883",
"lastModified": "2024-12-06T17:15:07.260",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"report@snyk.io\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2023-06-21T05:15:09.060",
"references": "[{\"url\": \"https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104\", \"source\": \"report@snyk.io\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/npm/node-semver/blob/main/internal/re.js%23L138\", \"source\": \"report@snyk.io\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/npm/node-semver/blob/main/internal/re.js%23L160\", \"source\": \"report@snyk.io\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441\", \"source\": \"report@snyk.io\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/npm/node-semver/pull/564\", \"source\": \"report@snyk.io\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795\", \"source\": \"report@snyk.io\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/npm/node-semver/blob/main/internal/re.js%23L138\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/npm/node-semver/blob/main/internal/re.js%23L160\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/npm/node-semver/pull/564\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20241025-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"report@snyk.io\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1333\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1333\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1333\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-25883\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2023-06-21T05:15:09.060\",\"lastModified\":\"2025-09-23T15:05:46.017\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\\r\\r\\r\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"5.7.2\",\"matchCriteriaId\":\"3DBCA81E-C65B-40E4-8274-83F6B4F07217\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.3.1\",\"matchCriteriaId\":\"E9EE5F81-D456-411C-8E1F-9D0D555B6FEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.5.3\",\"matchCriteriaId\":\"1B472AFF-891B-43BB-8215-DC2CC26C7F2C\"}]}]}],\"references\":[{\"url\":\"https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104\",\"source\":\"report@snyk.io\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/npm/node-semver/blob/main/internal/re.js%23L138\",\"source\":\"report@snyk.io\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/npm/node-semver/blob/main/internal/re.js%23L160\",\"source\":\"report@snyk.io\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/npm/node-semver/pull/564\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/npm/node-semver/blob/main/internal/re.js%23L138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/npm/node-semver/blob/main/internal/re.js%23L160\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/npm/node-semver/pull/564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20241025-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/npm/node-semver/blob/main/internal/re.js%23L160\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/npm/node-semver/blob/main/internal/re.js%23L138\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/npm/node-semver/pull/564\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20241025-0004/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-10-25T13:07:28.542Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-25883\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-06T16:54:52.064322Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1333\", \"description\": \"CWE-1333 Inefficient Regular Expression Complexity\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-06T16:55:03.100Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Alessio Della Libera - Snyk Research Team\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"semver\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"7.5.2\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795\"}, {\"url\": \"https://github.com/npm/node-semver/blob/main/internal/re.js%23L160\"}, {\"url\": \"https://github.com/npm/node-semver/blob/main/internal/re.js%23L138\"}, {\"url\": \"https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104\"}, {\"url\": \"https://github.com/npm/node-semver/pull/564\"}, {\"url\": \"https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\\r\\r\\r\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"cweId\": \"CWE-1333\", \"description\": \"Regular Expression Denial of Service (ReDoS)\"}]}], \"providerMetadata\": {\"orgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"shortName\": \"snyk\", \"dateUpdated\": \"2023-06-21T05:00:03.352Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-25883\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-06T16:55:09.228Z\", \"dateReserved\": \"2022-02-24T11:58:25.192Z\", \"assignerOrgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"datePublished\": \"2023-06-21T05:00:03.352Z\", \"assignerShortName\": \"snyk\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2026-AVI-0182
Vulnerability from certfr_avis - Published: 2026-02-18 - Updated: 2026-02-18
De multiples vulnérabilités ont été découvertes dans Atlassian Confluence. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Atlassian | Confluence | Confluence Server versions 9.4.x antérieures à 9.4.0 | ||
| Atlassian | Confluence | Confluence Data Center versions 9.4.x antérieures à 9.4.0 | ||
| Atlassian | Confluence | Confluence Data Center versions 9.5.x antérieures à 9.5.3 | ||
| Atlassian | Confluence | Confluence Server versions 10.1.x antérieures à 10.1.0 | ||
| Atlassian | Confluence | Confluence Server versions 10.0.x antérieures à 10.0.2 | ||
| Atlassian | Confluence | Confluence Data Center versions 10.0.x antérieures à 10.0.2 | ||
| Atlassian | Confluence | Confluence Server versions 9.2.x antérieures à 9.2.7 | ||
| Atlassian | Confluence | Confluence Data Center versions antérieures à 8.5.10 | ||
| Atlassian | Confluence | Confluence Server versions 9.5.x antérieures à 9.5.3 | ||
| Atlassian | Confluence | Confluence Data Center versions 10.1.x antérieures à 10.1.0 | ||
| Atlassian | Confluence | Confluence Data Center versions 10.2.x antérieures à 10.2.6 | ||
| Atlassian | Confluence | Confluence Server versions antérieures à 8.5.10 | ||
| Atlassian | Confluence | Confluence Server versions 10.2.x antérieures à 10.2.6 | ||
| Atlassian | Confluence | Confluence Data Center versions 9.2.x antérieures à 9.2.15 | ||
| Atlassian | Confluence | Confluence Data Center versions 9.3.x antérieures à 9.3.1 | ||
| Atlassian | Confluence | Confluence Server versions 9.3.x antérieures à 9.3.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Confluence Server versions 9.4.x ant\u00e9rieures \u00e0 9.4.0",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 9.4.x ant\u00e9rieures \u00e0 9.4.0",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 9.5.x ant\u00e9rieures \u00e0 9.5.3",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 10.1.x ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 10.0.x ant\u00e9rieures \u00e0 10.0.2",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 10.0.x ant\u00e9rieures \u00e0 10.0.2",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 9.2.x ant\u00e9rieures \u00e0 9.2.7",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions ant\u00e9rieures \u00e0 8.5.10",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 9.5.x ant\u00e9rieures \u00e0 9.5.3",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 10.1.x ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 10.2.x ant\u00e9rieures \u00e0 10.2.6",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions ant\u00e9rieures \u00e0 8.5.10",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 10.2.x ant\u00e9rieures \u00e0 10.2.6",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 9.2.x ant\u00e9rieures \u00e0 9.2.15",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions 9.3.x ant\u00e9rieures \u00e0 9.3.1",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions 9.3.x ant\u00e9rieures \u00e0 9.3.1",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2025-59343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59343"
}
],
"initial_release_date": "2026-02-18T00:00:00",
"last_revision_date": "2026-02-18T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0182",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Atlassian Confluence. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Atlassian Confluence",
"vendor_advisories": [
{
"published_at": "2026-02-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-102185",
"url": "https://jira.atlassian.com/browse/CONFSERVER-102185"
},
{
"published_at": "2026-02-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101930",
"url": "https://jira.atlassian.com/browse/CONFSERVER-101930"
},
{
"published_at": "2026-02-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-102184",
"url": "https://jira.atlassian.com/browse/CONFSERVER-102184"
},
{
"published_at": "2026-02-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-102186",
"url": "https://jira.atlassian.com/browse/CONFSERVER-102186"
},
{
"published_at": "2026-02-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-102193",
"url": "https://jira.atlassian.com/browse/CONFSERVER-102193"
},
{
"published_at": "2026-02-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-102132",
"url": "https://jira.atlassian.com/browse/CONFSERVER-102132"
}
]
}
CERTFR-2026-AVI-0314
Vulnerability from certfr_avis - Published: 2026-03-18 - Updated: 2026-03-18
De multiples vulnérabilités ont été découvertes dans les produits Atlassian. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Atlassian | Jira | Jira Software Server versions antérieures à 10.3.17 | ||
| Atlassian | Jira | Jira Software Server versions antérieures à 11.3.2 | ||
| Atlassian | Confluence | Confluence Data Center versions antérieures à 10.2.7 | ||
| Atlassian | Jira | Jira Software Data Center versions antérieures à 11.3.3 | ||
| Atlassian | Confluence | Confluence Server versions antérieures à 9.0.2 | ||
| Atlassian | Jira | Jira Service Management Data Center versions antérieures à 11.3.3 | ||
| Atlassian | Confluence | Confluence Data Center versions antérieures à 9.0.2 | ||
| Atlassian | Jira | Jira Software Data Center versions antérieures à 10.3.18 | ||
| Atlassian | Confluence | Confluence Server versions antérieures à 9.2.15 | ||
| Atlassian | Jira | Jira Service Management Server versions antérieures à 11.3.3 | ||
| Atlassian | Confluence | Confluence Data Center versions antérieures à 9.2.15 | ||
| Atlassian | Confluence | Confluence Server versions antérieures à 10.2.7 | ||
| Atlassian | Jira | Jira Service Management Server versions antérieures à 10.3.17 | ||
| Atlassian | Jira | Jira Service Management Data Center versions antérieures à 10.3.18 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Jira Software Server versions ant\u00e9rieures \u00e0 10.3.17",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Server versions ant\u00e9rieures \u00e0 11.3.2",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions ant\u00e9rieures \u00e0 10.2.7",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Data Center versions ant\u00e9rieures \u00e0 11.3.3",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions ant\u00e9rieures \u00e0 9.0.2",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions ant\u00e9rieures \u00e0 11.3.3",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions ant\u00e9rieures \u00e0 9.0.2",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Data Center versions ant\u00e9rieures \u00e0 10.3.18",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions ant\u00e9rieures \u00e0 9.2.15",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions ant\u00e9rieures \u00e0 11.3.3",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions ant\u00e9rieures \u00e0 9.2.15",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Server versions ant\u00e9rieures \u00e0 10.2.7",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions ant\u00e9rieures \u00e0 10.3.17",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions ant\u00e9rieures \u00e0 10.3.18",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2026-23950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
}
],
"initial_release_date": "2026-03-18T00:00:00",
"last_revision_date": "2026-03-18T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0314",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Atlassian. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Atlassian",
"vendor_advisories": [
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16515",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16515"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16527",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16527"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26730",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26730"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16530",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16530"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26714",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26714"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26736",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26736"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26716",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26716"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-102542",
"url": "https://jira.atlassian.com/browse/CONFSERVER-102542"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16529",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16529"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16510",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16510"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26732",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26732"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16528",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16528"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26733",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26733"
}
]
}
CERTFR-2026-AVI-0500
Vulnerability from certfr_avis - Published: 2026-04-27 - Updated: 2026-04-27
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Greenplum Platform Extension Framework versions ant\u00e9rieures \u00e0 8.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Lake versions ant\u00e9rieures \u00e0 4.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12384"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"name": "CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"name": "CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"name": "CVE-2026-22737",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
},
{
"name": "CVE-2026-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3449"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2026-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22036"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"name": "CVE-2026-24098",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24098"
},
{
"name": "CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"name": "CVE-2026-24734",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24734"
},
{
"name": "CVE-2021-0341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0341"
},
{
"name": "CVE-2025-66614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2025-56200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-56200"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2026-1527",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1527"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2026-41239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41239"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2023-34610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34610"
},
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2026-34486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34486"
},
{
"name": "CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"name": "CVE-2018-1320",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1320"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2026-29145",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29145"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-49128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49128"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2025-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1647"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2020-13949",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13949"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2023-26115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
},
{
"name": "CVE-2025-54550",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54550"
},
{
"name": "CVE-2025-54920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54920"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2025-33042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33042"
},
{
"name": "CVE-2024-11831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11831"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2026-34500",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34500"
},
{
"name": "CVE-2025-9624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9624"
},
{
"name": "CVE-2026-34043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34043"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2025-64718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
},
{
"name": "CVE-2020-11113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
},
{
"name": "CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"name": "CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"name": "CVE-2026-33671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33671"
},
{
"name": "CVE-2026-33532",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33532"
},
{
"name": "CVE-2025-68470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68470"
},
{
"name": "CVE-2025-67721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67721"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2019-14439",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
},
{
"name": "CVE-2026-33750",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33750"
},
{
"name": "CVE-2025-66236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66236"
},
{
"name": "CVE-2020-10969",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
},
{
"name": "CVE-2024-48910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48910"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2025-11143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11143"
},
{
"name": "CVE-2026-34480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34480"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"name": "CVE-2025-12758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12758"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"name": "CVE-2024-57083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57083"
},
{
"name": "CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"name": "CVE-2024-23953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23953"
},
{
"name": "CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2026-41240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41240"
},
{
"name": "CVE-2026-26960",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26960"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2024-53382",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53382"
},
{
"name": "CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2026-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27903"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2025-27821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27821"
},
{
"name": "CVE-2022-41404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41404"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2026-22732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22732"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2026-34487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34487"
},
{
"name": "CVE-2025-27555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27555"
},
{
"name": "CVE-2025-65995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65995"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2026-23950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2026-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2950"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2019-12814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12814"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2025-69873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69873"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2024-6485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6485"
},
{
"name": "CVE-2025-67735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2025-68458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68458"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2026-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29786"
},
{
"name": "CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2026-25854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25854"
},
{
"name": "CVE-2021-22573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22573"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2026-2332",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2332"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2026-33672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33672"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2023-42503",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42503"
},
{
"name": "CVE-2024-56373",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56373"
},
{
"name": "CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2026-22735",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2026-24733",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24733"
},
{
"name": "CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"name": "CVE-2025-68157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68157"
},
{
"name": "CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"name": "CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"name": "CVE-2020-10968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2025-68675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68675"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2026-34483",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34483"
},
{
"name": "CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"name": "CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"name": "CVE-2025-59419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2026-25219",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25219"
},
{
"name": "CVE-2020-11112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
},
{
"name": "CVE-2020-11111",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
},
{
"name": "CVE-2026-31802",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31802"
},
{
"name": "CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"name": "CVE-2026-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2019-20445",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20445"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2026-04-27T00:00:00",
"last_revision_date": "2026-04-27T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0500",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2026-04-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37405"
},
{
"published_at": "2026-04-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37404"
}
]
}
FKIE_CVE-2022-25883
Vulnerability from fkie_nvd - Published: 2023-06-21 05:15 - Updated: 2025-09-23 15:05
Severity
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "3DBCA81E-C65B-40E4-8274-83F6B4F07217",
"versionEndExcluding": "5.7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "E9EE5F81-D456-411C-8E1F-9D0D555B6FEF",
"versionEndExcluding": "6.3.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "1B472AFF-891B-43BB-8215-DC2CC26C7F2C",
"versionEndExcluding": "7.5.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\r\r\r"
}
],
"id": "CVE-2022-25883",
"lastModified": "2025-09-23T15:05:46.017",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "report@snyk.io",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-21T05:15:09.060",
"references": [
{
"source": "report@snyk.io",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104"
},
{
"source": "report@snyk.io",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138"
},
{
"source": "report@snyk.io",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160"
},
{
"source": "report@snyk.io",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"
},
{
"source": "report@snyk.io",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/npm/node-semver/pull/564"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/npm/node-semver/pull/564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20241025-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
}
],
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "report@snyk.io",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-C2QF-RXJJ-QQGW
Vulnerability from github – Published: 2023-06-21 06:30 – Updated: 2026-02-04 20:39
VLAI
Summary
semver vulnerable to Regular Expression Denial of Service
Details
Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
Severity
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "semver"
},
"ranges": [
{
"events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "semver"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.3.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "semver"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0-alpha"
},
{
"fixed": "5.7.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-25883"
],
"database_specific": {
"cwe_ids": [
"CWE-1333"
],
"github_reviewed": true,
"github_reviewed_at": "2023-06-22T16:52:56Z",
"nvd_published_at": "2023-06-21T05:15:09Z",
"severity": "HIGH"
},
"details": "Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.",
"id": "GHSA-c2qf-rxjj-qqgw",
"modified": "2026-02-04T20:39:09Z",
"published": "2023-06-21T06:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25883"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/pull/564"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/pull/585"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/pull/593"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/commit/2f8fd41487acf380194579ecb6f8b1bbfe116be0"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/commit/928e56d21150da0413a3333a3148b20e741a920c"
},
{
"type": "PACKAGE",
"url": "https://github.com/npm/node-semver"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/blob/main/classes/range.js#L97-L104"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js#L138"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js#L160"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138"
},
{
"type": "WEB",
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20241025-0004"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "semver vulnerable to Regular Expression Denial of Service"
}
GSD-2022-25883
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-25883",
"id": "GSD-2022-25883"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-25883"
],
"details": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\r\r\r",
"id": "GSD-2022-25883",
"modified": "2023-12-13T01:19:27.040539Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"ID": "CVE-2022-25883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "semver",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "7.5.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Alessio Della Libera - Snyk Research Team"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\r\r\r"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-1333",
"lang": "eng",
"value": "Regular Expression Denial of Service (ReDoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795",
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
},
{
"name": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160",
"refsource": "MISC",
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160"
},
{
"name": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138",
"refsource": "MISC",
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138"
},
{
"name": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104",
"refsource": "MISC",
"url": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104"
},
{
"name": "https://github.com/npm/node-semver/pull/564",
"refsource": "MISC",
"url": "https://github.com/npm/node-semver/pull/564"
},
{
"name": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441",
"refsource": "MISC",
"url": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c5.7.2||\u003e=6.0.0 \u003c6.3.1||\u003e=7.0.0 \u003c7.5.2",
"affected_versions": "All versions before 5.7.2, all versions starting from 6.0.0 before 6.3.1, all versions starting from 7.0.0 before 7.5.2",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-1333",
"CWE-937"
],
"date": "2023-07-12",
"description": "Versions of the package semver before 7.5.2 is vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.",
"fixed_versions": [
"5.7.2",
"6.3.1",
"7.5.2"
],
"identifier": "CVE-2022-25883",
"identifiers": [
"CVE-2022-25883"
],
"not_impacted": "All versions starting from 5.7.2 before 6.0.0, all versions starting from 6.3.1 before 7.0.0, all versions starting from 7.5.2",
"package_slug": "npm/semver",
"pubdate": "2023-06-21",
"solution": "Upgrade to versions 5.7.2, 6.3.1, 7.5.2 or above.",
"title": "Inefficient Regular Expression Complexity",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-25883",
"https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441",
"https://github.com/npm/node-semver/blob/main/internal/re.js%23L138",
"https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795",
"https://github.com/npm/node-semver/blob/main/internal/re.js%23L160",
"https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104",
"https://github.com/npm/node-semver/pull/564"
],
"uuid": "ce51134c-efb7-4379-9eec-f3e1b97d84c2"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"cpe_name": [],
"versionEndExcluding": "5.7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"cpe_name": [],
"versionEndExcluding": "6.3.1",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"ID": "CVE-2022-25883"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\r\r\r"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441",
"refsource": "MISC",
"tags": [
"Patch"
],
"url": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441"
},
{
"name": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138",
"refsource": "MISC",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138"
},
{
"name": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795",
"refsource": "MISC",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
},
{
"name": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160",
"refsource": "MISC",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160"
},
{
"name": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104",
"refsource": "MISC",
"tags": [
"Broken Link"
],
"url": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104"
},
{
"name": "https://github.com/npm/node-semver/pull/564",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/npm/node-semver/pull/564"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-07-12T00:53Z",
"publishedDate": "2023-06-21T05:15Z"
}
}
}
MSRC_CVE-2022-25883
Vulnerability from csaf_microsoft - Published: 2023-06-01 07:00 - Updated: 2026-02-18 02:42Summary
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range when untrusted user data is provided as a range.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
CWE-1333
- Inefficient Regular Expression Complexity
Affected products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-2 | — | ||
| Unresolved product id: 17086-1 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2023/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2023/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2022-25883 Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range when untrusted user data is provided as a range.\n\n\n - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2022-25883.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range when untrusted user data is provided as a range.\n\n\n",
"tracking": {
"current_release_date": "2026-02-18T02:42:00.000Z",
"generator": {
"date": "2026-02-18T12:06:38.375Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2022-25883",
"initial_release_date": "2023-06-01T07:00:00.000Z",
"revision_history": [
{
"date": "2023-06-26T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-18T02:42:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"category": "product_name",
"name": "azl3 python-tensorboard 2.16.2-6",
"product": {
"name": "azl3 python-tensorboard 2.16.2-6",
"product_id": "2"
}
},
{
"category": "product_name",
"name": "cbl2 python-tensorboard 2.11.0-3",
"product": {
"name": "cbl2 python-tensorboard 2.11.0-3",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.16.2-6 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 python-tensorboard 2.11.0-3 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25883",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-2",
"17086-1"
]
}
],
"notes": [
{
"category": "general",
"text": "snyk",
"title": "Assigning CNA"
}
],
"product_status": {
"known_not_affected": [
"17084-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-25883 Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range when untrusted user data is provided as a range.\n\n\n - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2022-25883.json"
}
],
"title": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range when untrusted user data is provided as a range.\n\n\n"
}
]
}
NCSC-2026-0034
Vulnerability from csaf_ncscnl - Published: 2026-01-22 09:03 - Updated: 2026-01-22 09:03Summary
Kwetsbaarheden verholpen in Atlassian producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Atlassian heeft kwetsbaarheden verholpen in verschillende producten, welke gebruik maken van Oracle middle-ware producten zoals de Oracle Utilities Application Framework, WebLogic Server, Data Integrator en Business Intelligence Enterprise Edition.
Interpretaties: Deze kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om een denial of service (DoS) of om zich toegang te verschaffen tot gevoelige gegevens.
Een reeks kwetsbaarheden is afkomstig van diverse Oracle-middleware software, welke in Atlassian-producten is verwerkt. Deze kwetsbaarheden zijn verholpen in de Critical Patch Update van januari 2026 van Oracle en verwerkt in de getroffen Atlassian producten.
Oplossingen: Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-20: Improper Input Validation
CWE-23: Relative Path Traversal
CWE-121: Stack-based Buffer Overflow
CWE-285: Improper Authorization
CWE-287: Improper Authentication
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-400: Uncontrolled Resource Consumption
CWE-404: Improper Resource Shutdown or Release
CWE-459: Incomplete Cleanup
CWE-611: Improper Restriction of XML External Entity Reference
CWE-697: Incorrect Comparison
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-787: Out-of-bounds Write
CWE-863: Incorrect Authorization
CWE-918: Server-Side Request Forgery (SSRF)
CWE-937: CWE-937
CWE-1035: CWE-1035
CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-1333: Inefficient Regular Expression Complexity
Recent updates address critical security vulnerabilities across various software, including Ansible, Node.js, and Golang packages, with significant fixes for ReDoS and sensitive data exposure issues.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Multiple versions of the semver package are vulnerable to Regular Expression Denial of Service (ReDoS) through the new Range function, prompting updates in various products to mitigate this risk.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Multiple Oracle products, including Utilities Application Framework, WebLogic Server, Data Integrator, and Business Intelligence Enterprise Edition, have vulnerabilities allowing unauthenticated denial of service attacks, all with a CVSS score of 7.5.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Recent updates across various AWS packages, Node.js versions, and Python libraries address security vulnerabilities, enhance functionality, and improve performance, while several vulnerability reports highlight critical issues in Oracle Communications, HPE Unified OSS Console, and the cross-spawn package.
CWE-1333 - Inefficient Regular Expression ComplexityAffected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Apache Tomcat versions 11.0.0-M1 to 11.0.0-M20, 10.1.0-M1 to 10.1.24, and 9.0.13 to 9.0.89 are vulnerable to OutOfMemoryError and Denial of Service due to improper TLS handshake handling.
8.6 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Multiple vulnerabilities in the path-to-regexp library and related components can lead to Denial of Service (DoS) attacks, particularly affecting Node.js applications and IBM App Connect Enterprise due to backtracking regex issues.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Multiple vulnerabilities across Oracle products and DOMPurify allow for data compromise, denial of service, and XSS attacks, with CVSS scores ranging from 6.3 to 7.3.
7.3 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Oracle Database Server versions 23.4.0-23.26.0 have a vulnerability in the Fleet Patching and Provisioning component, while Eclipse Jersey versions 2.45, 3.0.16, and 3.1.9 may ignore critical SSL configurations due to a race condition.
8.7 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
The `qs` module's `arrayLimit` option is vulnerable to denial-of-service attacks due to its failure to enforce limits for bracket notation, allowing attackers to exploit memory exhaustion.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Recent vulnerabilities in axios, pgadmin4, and HPE software expose systems to SSRF and credential leakage, particularly through the use of absolute URLs, necessitating updates to mitigate these risks.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Multiple vulnerabilities have been identified in Oracle Financial Services and Retail products, as well as the Spring Framework, allowing unauthorized access to sensitive data and potentially leading to information disclosure.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Multiple denial-of-service vulnerabilities have been identified in Oracle Application Testing Suite, Oracle Agile PLM, Apache Commons FileUpload, and HPE IceWall Identity Manager, with CVSS scores of 7.5 for some products.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Recent updates for Apache Tomcat versions 9, 10, and 11 address the 'MadeYouReset' DoS vulnerability and other issues, with specific versions being susceptible to Denial of Service attacks from malformed client requests.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Multiple vulnerabilities in the Oracle Enterprise Data Quality product and PostgreSQL JDBC Driver allow unauthorized access and insecure authentication, with CVSS scores indicating significant risk.
8.2 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Apache Tomcat versions 9.0.0.M1 to 9.0.106 have multiple vulnerabilities, including a race condition affecting HTTP/2 connections and denial of service flaws, alongside issues in Oracle Graph Server and HPE Unified OSS Console.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Multiple vulnerabilities affect Oracle Communications Unified Assurance and Oracle Business Intelligence Enterprise Edition, allowing denial of service attacks, while older jackson-core versions are prone to StackoverflowErrors when parsing nested data.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Apache Jackrabbit versions prior to 2.23.2 are vulnerable to blind XXE attacks due to an unsecured document build for loading privileges.
8.8 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Apache Tika versions 1.13 to 3.2.1 have a critical XXE vulnerability, while Oracle PeopleSoft's OpenSearch component in versions 8.60 to 8.62 is also affected by an easily exploitable vulnerability.
9.8 (Critical)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Recent updates to Netty and Oracle Communications products address critical vulnerabilities, including the 'MadeYouReset' attack in HTTP/2, which can lead to denial of service and resource exhaustion.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Apache Tomcat versions 1.0.0-M1 to 11.0.10 are vulnerable to a directory traversal issue that may allow remote code execution if HTTP PUT requests are enabled, alongside other security vulnerabilities in HPE UOCAM.
8.1 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Apache Struts versions 2.0.0 to 6.7.0 and 7.0.0 to 7.0.3 have a Denial of Service vulnerability due to file leak in multipart request processing, affecting NetApp products.
7.5 (High)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
Apache Tika has multiple critical XML External Entity (XXE) injection vulnerabilities, particularly affecting PDF parsing, allowing remote attackers to exploit crafted documents for sensitive data disclosure and remote code execution.
10.0 (Critical)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
The document outlines a vulnerability in the `create-hash` package due to inadequate input type checks, leading to potential hash state manipulation and security risks, particularly in the `cipher-base` npm package versions up to 1.0.4.
9.1 (Critical)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
The document outlines a vulnerability in `sha.js` versions up to 2.4.11 due to insufficient input type checks, leading to potential denial of service and private key extraction risks.
9.1 (Critical)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
A high severity XXE vulnerability in Crowd Data Center and Server version 7.1.0 has a CVSS score of 7.9, allowing authenticated attackers to access sensitive content without user interaction.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Atlassian / Bamboo
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Bitbucket
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Confluence
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crowd Server
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Crucible
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Fisheye
|
vers:unknown/* | ||
|
vers:unknown/*
Atlassian / Jira
|
vers:unknown/* |
References
26 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Atlassian heeft kwetsbaarheden verholpen in verschillende producten, welke gebruik maken van Oracle middle-ware producten zoals de Oracle Utilities Application Framework, WebLogic Server, Data Integrator en Business Intelligence Enterprise Edition.",
"title": "Feiten"
},
{
"category": "description",
"text": "Deze kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om een denial of service (DoS) of om zich toegang te verschaffen tot gevoelige gegevens.\nEen reeks kwetsbaarheden is afkomstig van diverse Oracle-middleware software, welke in Atlassian-producten is verwerkt. Deze kwetsbaarheden zijn verholpen in de Critical Patch Update van januari 2026 van Oracle en verwerkt in de getroffen Atlassian producten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Incorrect Comparison",
"title": "CWE-697"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "general",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://confluence.atlassian.com/security/security-bulletin-january-20-2026-1712324819.html"
}
],
"title": "Kwetsbaarheden verholpen in Atlassian producten",
"tracking": {
"current_release_date": "2026-01-22T09:03:42.667958Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0034",
"initial_release_date": "2026-01-22T09:03:42.667958Z",
"revision_history": [
{
"date": "2026-01-22T09:03:42.667958Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Crowd Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Crucible"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Fisheye"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Incorrect Comparison",
"title": "CWE-697"
},
{
"category": "description",
"text": "Recent updates address critical security vulnerabilities across various software, including Ansible, Node.js, and Golang packages, with significant fixes for ReDoS and sensitive data exposure issues.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-3807 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2021/cve-2021-3807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2022-25883",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "description",
"text": "Multiple versions of the semver package are vulnerable to Regular Expression Denial of Service (ReDoS) through the new Range function, prompting updates in various products to mitigate this risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-25883 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-25883.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2022-25883"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "Multiple Oracle products, including Utilities Application Framework, WebLogic Server, Data Integrator, and Business Intelligence Enterprise Edition, have vulnerabilities allowing unauthenticated denial of service attacks, all with a CVSS score of 7.5.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-45693 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-45693.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2024-21538",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "description",
"text": "Recent updates across various AWS packages, Node.js versions, and Python libraries address security vulnerabilities, enhance functionality, and improve performance, while several vulnerability reports highlight critical issues in Oracle Communications, HPE Unified OSS Console, and the cross-spawn package.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21538 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-21538.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2024-21538"
},
{
"cve": "CVE-2024-38286",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Apache Tomcat versions 11.0.0-M1 to 11.0.0-M20, 10.1.0-M1 to 10.1.24, and 9.0.13 to 9.0.89 are vulnerable to OutOfMemoryError and Denial of Service due to improper TLS handshake handling.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38286 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-38286.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "description",
"text": "Multiple vulnerabilities in the path-to-regexp library and related components can lead to Denial of Service (DoS) attacks, particularly affecting Node.js applications and IBM App Connect Enterprise due to backtracking regex issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45296 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45296.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle products and DOMPurify allow for data compromise, denial of service, and XSS attacks, with CVSS scores ranging from 6.3 to 7.3.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45801 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2025-12383",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Oracle Database Server versions 23.4.0-23.26.0 have a vulnerability in the Fleet Patching and Provisioning component, while Eclipse Jersey versions 2.45, 3.0.16, and 3.1.9 may ignore critical SSL configurations due to a race condition.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-12383 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-12383.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-12383"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "The `qs` module\u0027s `arrayLimit` option is vulnerable to denial-of-service attacks due to its failure to enforce limits for bracket notation, allowing attackers to exploit memory exhaustion.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-15284 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-15284.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-15284"
},
{
"cve": "CVE-2025-27152",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "description",
"text": "Recent vulnerabilities in axios, pgadmin4, and HPE software expose systems to SSRF and credential leakage, particularly through the use of absolute URLs, necessitating updates to mitigate these risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27152 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27152.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-27152"
},
{
"cve": "CVE-2025-41249",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in Oracle Financial Services and Retail products, as well as the Spring Framework, allowing unauthorized access to sensitive data and potentially leading to information disclosure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-41249 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-41249.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-48976",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple denial-of-service vulnerabilities have been identified in Oracle Application Testing Suite, Oracle Agile PLM, Apache Commons FileUpload, and HPE IceWall Identity Manager, with CVSS scores of 7.5 for some products.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48976 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Recent updates for Apache Tomcat versions 9, 10, and 11 address the \u0027MadeYouReset\u0027 DoS vulnerability and other issues, with specific versions being susceptible to Denial of Service attacks from malformed client requests.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48989 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48989.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-49146",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "description",
"text": "Multiple vulnerabilities in the Oracle Enterprise Data Quality product and PostgreSQL JDBC Driver allow unauthorized access and insecure authentication, with CVSS scores indicating significant risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-49146 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-49146.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-49146"
},
{
"cve": "CVE-2025-52434",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "Apache Tomcat versions 9.0.0.M1 to 9.0.106 have multiple vulnerabilities, including a race condition affecting HTTP/2 connections and denial of service flaws, alongside issues in Oracle Graph Server and HPE Unified OSS Console.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-52434 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52434.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-52434"
},
{
"cve": "CVE-2025-52999",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "description",
"text": "Multiple vulnerabilities affect Oracle Communications Unified Assurance and Oracle Business Intelligence Enterprise Edition, allowing denial of service attacks, while older jackson-core versions are prone to StackoverflowErrors when parsing nested data.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-52999 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-52999"
},
{
"cve": "CVE-2025-53689",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "description",
"text": "Apache Jackrabbit versions prior to 2.23.2 are vulnerable to blind XXE attacks due to an unsecured document build for loading privileges.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53689 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53689.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-53689"
},
{
"cve": "CVE-2025-54988",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Apache Tika versions 1.13 to 3.2.1 have a critical XXE vulnerability, while Oracle PeopleSoft\u0027s OpenSearch component in versions 8.60 to 8.62 is also affected by an easily exploitable vulnerability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-54988 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-54988.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-54988"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Recent updates to Netty and Oracle Communications products address critical vulnerabilities, including the \u0027MadeYouReset\u0027 attack in HTTP/2, which can lead to denial of service and resource exhaustion.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55163 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55163.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-55752",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Apache Tomcat versions 1.0.0-M1 to 11.0.10 are vulnerable to a directory traversal issue that may allow remote code execution if HTTP PUT requests are enabled, alongside other security vulnerabilities in HPE UOCAM.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55752 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55752.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-64775",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "other",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Apache Struts versions 2.0.0 to 6.7.0 and 7.0.0 to 7.0.3 have a Denial of Service vulnerability due to file leak in multipart request processing, affecting NetApp products.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-64775 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64775.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-64775"
},
{
"cve": "CVE-2025-66516",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Apache Tika has multiple critical XML External Entity (XXE) injection vulnerabilities, particularly affecting PDF parsing, allowing remote attackers to exploit crafted documents for sensitive data disclosure and remote code execution.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-66516 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66516.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-66516"
},
{
"cve": "CVE-2025-9287",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "The document outlines a vulnerability in the `create-hash` package due to inadequate input type checks, leading to potential hash state manipulation and security risks, particularly in the `cipher-base` npm package versions up to 1.0.4.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-9287 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9287.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-9287"
},
{
"cve": "CVE-2025-9288",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "The document outlines a vulnerability in `sha.js` versions up to 2.4.11 due to insufficient input type checks, leading to potential denial of service and private key extraction risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-9288 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9288.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
}
],
"title": "CVE-2025-9288"
},
{
"cve": "CVE-2026-21569",
"notes": [
{
"category": "description",
"text": "A high severity XXE vulnerability in Crowd Data Center and Server version 7.1.0 has a CVSS score of 7.9, allowing authenticated attackers to access sensitive content without user interaction.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21569 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21569.json"
}
],
"title": "CVE-2026-21569"
}
]
}
OPENSUSE-SU-2024:14012-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
system-user-velociraptor-1.0.0-9.1 on GA media
Severity
Moderate
Notes
Title of the patch: system-user-velociraptor-1.0.0-9.1 on GA media
Description of the patch: These are all security issues fixed in the system-user-velociraptor-1.0.0-9.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14012
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "system-user-velociraptor-1.0.0-9.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the system-user-velociraptor-1.0.0-9.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14012",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14012-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-25883 page",
"url": "https://www.suse.com/security/cve/CVE-2022-25883/"
}
],
"title": "system-user-velociraptor-1.0.0-9.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14012-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "system-user-velociraptor-1.0.0-9.1.aarch64",
"product": {
"name": "system-user-velociraptor-1.0.0-9.1.aarch64",
"product_id": "system-user-velociraptor-1.0.0-9.1.aarch64"
}
},
{
"category": "product_version",
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64",
"product": {
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64",
"product_id": "velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "system-user-velociraptor-1.0.0-9.1.ppc64le",
"product": {
"name": "system-user-velociraptor-1.0.0-9.1.ppc64le",
"product_id": "system-user-velociraptor-1.0.0-9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le",
"product": {
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le",
"product_id": "velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "system-user-velociraptor-1.0.0-9.1.s390x",
"product": {
"name": "system-user-velociraptor-1.0.0-9.1.s390x",
"product_id": "system-user-velociraptor-1.0.0-9.1.s390x"
}
},
{
"category": "product_version",
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x",
"product": {
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x",
"product_id": "velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "system-user-velociraptor-1.0.0-9.1.x86_64",
"product": {
"name": "system-user-velociraptor-1.0.0-9.1.x86_64",
"product_id": "system-user-velociraptor-1.0.0-9.1.x86_64"
}
},
{
"category": "product_version",
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64",
"product": {
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64",
"product_id": "velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-velociraptor-1.0.0-9.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.aarch64"
},
"product_reference": "system-user-velociraptor-1.0.0-9.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-velociraptor-1.0.0-9.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.ppc64le"
},
"product_reference": "system-user-velociraptor-1.0.0-9.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-velociraptor-1.0.0-9.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.s390x"
},
"product_reference": "system-user-velociraptor-1.0.0-9.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-velociraptor-1.0.0-9.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.x86_64"
},
"product_reference": "system-user-velociraptor-1.0.0-9.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64"
},
"product_reference": "velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le"
},
"product_reference": "velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x"
},
"product_reference": "velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64"
},
"product_reference": "velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-25883"
}
],
"notes": [
{
"category": "general",
"text": "Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.\r\r\r",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.aarch64",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.ppc64le",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.s390x",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.x86_64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-25883",
"url": "https://www.suse.com/security/cve/CVE-2022-25883"
},
{
"category": "external",
"summary": "SUSE Bug 1212565 for CVE-2022-25883",
"url": "https://bugzilla.suse.com/1212565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.aarch64",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.ppc64le",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.s390x",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.x86_64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.aarch64",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.ppc64le",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.s390x",
"openSUSE Tumbleweed:system-user-velociraptor-1.0.0-9.1.x86_64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.aarch64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.ppc64le",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.s390x",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git74.3426c0a-9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2022-25883"
}
]
}
RHSA-2023:4341
Vulnerability from csaf_redhat - Published: 2023-08-02 13:49 - Updated: 2026-06-02 17:39Summary
Red Hat Security Advisory: Logging Subsystem 5.7.4 - Red Hat OpenShift bug fix and security update
Severity
Moderate
Notes
Topic: Logging Subsystem 5.7.4 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Logging Subsystem 5.7.4 - Red Hat OpenShift
Security Fix(es):
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* rubygem-activesupport: Regular Expression Denial of Service (CVE-2023-22796)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in rubygem-activesupport. RubyGem's activesupport gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in Inflector.underscore. By sending a specially-crafted regex input, a remote attacker can use large amounts of CPU and memory, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le | — |
Threats
Impact
Moderate
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging Subsystem 5.7.4 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.7.4 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* rubygem-activesupport: Regular Expression Denial of Service (CVE-2023-22796)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4341",
"url": "https://access.redhat.com/errata/RHSA-2023:4341"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2164736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164736"
},
{
"category": "external",
"summary": "2216475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216475"
},
{
"category": "external",
"summary": "LOG-2701",
"url": "https://issues.redhat.com/browse/LOG-2701"
},
{
"category": "external",
"summary": "LOG-3880",
"url": "https://issues.redhat.com/browse/LOG-3880"
},
{
"category": "external",
"summary": "LOG-4015",
"url": "https://issues.redhat.com/browse/LOG-4015"
},
{
"category": "external",
"summary": "LOG-4073",
"url": "https://issues.redhat.com/browse/LOG-4073"
},
{
"category": "external",
"summary": "LOG-4237",
"url": "https://issues.redhat.com/browse/LOG-4237"
},
{
"category": "external",
"summary": "LOG-4242",
"url": "https://issues.redhat.com/browse/LOG-4242"
},
{
"category": "external",
"summary": "LOG-4275",
"url": "https://issues.redhat.com/browse/LOG-4275"
},
{
"category": "external",
"summary": "LOG-4302",
"url": "https://issues.redhat.com/browse/LOG-4302"
},
{
"category": "external",
"summary": "LOG-4361",
"url": "https://issues.redhat.com/browse/LOG-4361"
},
{
"category": "external",
"summary": "LOG-4368",
"url": "https://issues.redhat.com/browse/LOG-4368"
},
{
"category": "external",
"summary": "LOG-4389",
"url": "https://issues.redhat.com/browse/LOG-4389"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4341.json"
}
],
"title": "Red Hat Security Advisory: Logging Subsystem 5.7.4 - Red Hat OpenShift bug fix and security update",
"tracking": {
"current_release_date": "2026-06-02T17:39:06+00:00",
"generator": {
"date": "2026-06-02T17:39:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:4341",
"initial_release_date": "2023-08-02T13:49:36+00:00",
"revision_history": [
{
"date": "2023-08-02T13:49:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-08-02T13:49:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:39:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.7 for RHEL 8",
"product": {
"name": "RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.7::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.4-13"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-401"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-146"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-377"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-338"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-153"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-152"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-377"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.8.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.4-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-290"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-115"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.4-13"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.7.4-28"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.7.4-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-401"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-146"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-377"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-338"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-153"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-152"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-377"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.8.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.7.4-14"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.4-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-290"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-115"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.4-13"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-401"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-146"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-377"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-338"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-153"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-152"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-377"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.8.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.4-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-290"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-115"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.4-13"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-401"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-146"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-377"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-338"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-153"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-152"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-377"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.8.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.4-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-290"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-115"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25883",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-06-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216475"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the \u0027new Range\u0027 function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-semver: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat Products versus NVD\u0027s High due to deployment context. The flaw in node-semver\u0027s new Range() function causes catastrophic regex backtracking on crafted input, leading to CPU exhaustion. However, exploitation requires untrusted input passed directly to the parser. So node-semver is a build-time dev dependency, not present in runtime environment in RHACM, and the functionality is additionally protected behind OAuth authentication, further limiting attack surface.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64"
],
"known_not_affected": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25883"
},
{
"category": "external",
"summary": "RHBZ#2216475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25883"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw",
"url": "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795",
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
}
],
"release_date": "2023-06-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-08-02T13:49:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4341"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-semver: Regular expression denial of service"
},
{
"cve": "CVE-2023-22796",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-01-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164736"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in rubygem-activesupport. RubyGem\u0027s activesupport gem is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in Inflector.underscore. By sending a specially-crafted regex input, a remote attacker can use large amounts of CPU and memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activesupport: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22796"
},
{
"category": "external",
"summary": "RHBZ#2164736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22796"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-j6gc-792m-qgm2",
"url": "https://github.com/advisories/GHSA-j6gc-792m-qgm2"
}
],
"release_date": "2023-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-08-02T13:49:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4341"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:e56a09fc05288a5a2ef9eb4ed9536b517e5a19b6317be07ac9caeed7cdabc2c3_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:49c4aebcd64396039f8e6d6cce6c55a92d6bbf6108ddf72bdc53606e26ac2b4a_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:67ef8c821c9b3bca057ea7199aef6e911cd7f7f999ddc2fdf82c8075794b0aa3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c65f10b5e11fd2310b21c4acbd56d1fed311e0dd69f7c33d6b2fa0e83bf2d64f_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:e0c2fee54eac82bb2db9458c66f5989d1ece106028facc0bf7630cdb10ce22d9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:907c78f7ca1b56bb2ddc79b5b5555c39fd061190aebe72862bbd672c94b248b0_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:8ff461c5c4c305e1ae2991bc5df6dbf98a51b0ecc4bace6706f574beea7f64dd_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:bb1a983e04d731a4e580cc0eff4216951ddc8a9eb27ed14b1960f2b434f3cd2e_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:cf018227104330f7930731e0807ae6e4e877890bb3ab9e6d726a6765c9609a06_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:d4baa438f24a85b8be45f0bd121d738af1503ebf18e2c54d655acb6cad9e50cc_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:44ba718456214efb36904719c4843c82449ccb18696925c7571324b4eb4a1c4c_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5575edf75617e0bd07aa97490cffd26f076aa0bcd82c3274538ab45d51e00225_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:bd46b16c0677fab4a383572c274edebbc69c571045ad449d3b5d421405f5672d_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:c2571e820b058d0b2baaa952a3c841646e777d7735561b1a43e1024ce606ff9a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4fdca7719007c06b5b749a4c89f80f6c9056150f9e60e00933c2c0ee1b7b6441_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:7af0fa05193b2f75a270c16355bcce6d2117183d59f5ed4d040d5a8e7d40e610_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:df161e83a11d953b4867faad7079fed1eead2e8fc727902b7ff9671f8d4b1c5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:f2d5044bc2af0ec3e78732ae8785d217e80ff18332fca0629ca06c7d481a0d9a_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:0f91fc53a5053e39de0fe264281a56a179a2b78718cfadec1e1b29506630ab70_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:34ce66194dfa6a7a20185095f0766ad57fc61225c080b67e558a81a81f815724_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3df6df351b2f6da84340867d2895db147313931f8d82479b8872da64bec6666a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f28aecb4013c43132d6261fd6817a65c2237dd8b5d9177999277ede0a228c79a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:1683bf2947833563d426e07b078e14984ea9c4f2a6da2931979eba3277f6aa2a_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:337ee7e9da6cc5eeb19f5f2d626c264f02e4d928fc0966943da66e1feb3d9a7a_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9a6c4ab015df408ff848234705bf0fbff5332e85279485d2b758f23156a9c572_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:b6c6af01832e14bbfa3077448ee626daae770e1366efdc0f0784498f4d30e6b1_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:403c0dd709adab3bc11330a6939e587dea1739cd5670965467f4760530f8df48_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:7123433d58b6579455cc263f19c85b63ea951d89f66e2b733bac98a9b7ceac4b_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:84fb35d90e834c43f5159b21140c8b94c21ea9124449425596799f80c7cd8020_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:d2555e8057588a34b60584b95514be1d85de61e9efa5bf3886182eb913c48a5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:5bb8f176d903c84ed9d07d21d80a5640c15d7e34d0aff8635f62db039602c64f_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:91d8fa588ddc7e633dd526aaa883e4a28a4cb9ac4a9ae69984c976f284779931_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:acb05b891cba1721d3eed20ecfa3b5d19a814b7759d718393c4df5d82f50c6ec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:c808aad73043d9cd7392bdaf6d15dd1a078296df5696bbfa597c811025f61201_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:51f0afaea8d8596a8fd538decc0b5ece7a05be30a9fb50f4a4a8b5e5d1c2a6fb_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:832579acb9582f50578a47750fe74b6e872422239aba5277173c6a0bdef51a04_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:955a2a4cdc1f1a350c4559a7d3ea755b4345477aac73f1b3768247845af277bb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:a5b0a709ba5f19c2e99114b4cd91f96848f503cca54b9cbdf44d4f592d27bc21_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:0375fb8d4343d67fff498cc1d70ea60a2f3bdec1b02462916a252c1d096232f6_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:2cd86e00137e4fa3ac2857c9f71766c43f514265e583f2efb34afda01f4f148c_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d39a1cbbdc527136f4019717320fc2bf5de546e8f1155127b116c55cf066a61e_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f9d15f9109b22d56825f56ec5c037e3f8af6119c022a43c4cfb0fa54bd297679_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:231a9410313b59e0a489a998fd85c92a8c538c461d2a2efaa6a5bf33c36a1aef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:5add092b1f4fea3a2e872f41b537635cbc23d874fb2fd9d8991928ec1fbfa3f5_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:caaf5d6ce2c02b38ede741333d43b8e316a10dd18c2501bfd4cc404bd8029372_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54b96b6d08566acdc6d4babbcdc539a8709246aafac1ebdea67100a7f3bd52f_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c8c3190680b643c4825b186270d4acfa0cc6ae86f90842dc23b6bad6766f8367_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:2b0f8aff7372bb80de5dee22455041afc6514238088adeb643ee3890d6ec0a4d_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:3167db2da135849cdf568ddad218197d71c807fa8526179fff339016afe6f87e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31b811aeb70106ae65bcba0f36554d536ec5152cd61e65ac6eb452ce669bb595_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:84bd7d93f70ada3fcc298e943d1f0cd96373c77f3da2f626a26b15121f5ee3c9_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:115fb8f4748722861fc80fe75e56f46d19ff2aa923ab9b03d6b16942750fff45_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:21d62198b0452caf49ec5563682897d1e4c5e03e9e1404ce9d9cf72a7de34ba4_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:375048d10fb7192713ca038f43d57e0b34010f7c5707344de7c0abe9b3e59616_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:723e07a7914053df8edabda59d00662f51b41b1f6d3138773100d4a7c2dfd43c_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:5468b32eb88305a16f127ebe3ffd8b3f71f70f3fcb709a71d99f2ff793624aae_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:56ed37d86ce09040ca99dcd7323725266ac8f125645784185c7efdfdec70385e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:7e2bd1808123b522d0542aeb738c57c005f079aebe23ea6f4065ff2d3ae731d7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9893a02da55a768baa6e70cd79dacc5cfb41a8b0624f9c5722a8f5faf842627a_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3b9c8eee3ff2d4368517b1934097a612bd56a69ab98809cfa951400314f3acc0_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7b729eacf413158e143ab4683a54ef7a33380ce9917fa3289df93f2288d6a6d2_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:d6ad099e497eaad1d8dc0f2d160e1869df48c39c3f38ff4e9254799249bc96ab_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:dcd90c4fb7fa7dcaed3a27b1e80d7215bab65cde107d58fd8cd54957323f9ea7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-activesupport: Regular Expression Denial of Service"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…