CVE-2022-3162 (GCVE-0-2022-3162)
Vulnerability from cvelistv5 – Published: 2023-03-01 00:00 – Updated: 2025-03-07 18:35
VLAI
EPSS
Title
Unauthorized read of Custom Resources
Summary
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group. 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Kubernetes | Kubernetes | Affected: unspecified, ≤ v1.25.3 (custom); Affected: unspecified, ≤ v1.24.7 (custom); Affected: unspecified, ≤ v1.23.13 (custom); Affected: unspecified, ≤ v1.22.15 (custom) | |
Date Public
2022-11-10 00:00
Credits
Richard Turnbull of NCC Group
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:00:10.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/issues/113756"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230511-0004/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-07T18:34:51.328440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T18:35:03.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"lessThanOrEqual": "v1.25.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "v1.24.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "v1.23.13",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "v1.22.15",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Richard Turnbull of NCC Group"
}
],
"datePublic": "2022-11-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-11T00:00:00.000Z",
"orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"shortName": "kubernetes"
},
"references": [
{
"url": "https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA"
},
{
"url": "https://github.com/kubernetes/kubernetes/issues/113756"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0004/"
}
],
"source": {
"defect": [
"https://github.com/kubernetes/kubernetes/issues/113756"
],
"discovery": "EXTERNAL"
},
"title": "Unauthorized read of Custom Resources",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"assignerShortName": "kubernetes",
"cveId": "CVE-2022-3162",
"datePublished": "2023-03-01T00:00:00.000Z",
"dateReserved": "2022-09-08T00:00:00.000Z",
"dateUpdated": "2025-03-07T18:35:03.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-3162",
"date": "2026-06-20",
"epss": "0.01191",
"percentile": "0.63932"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.22.15\", \"matchCriteriaId\": \"1780A92B-C6FB-410B-8374-88D1D296816A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.23.0\", \"versionEndIncluding\": \"1.23.13\", \"matchCriteriaId\": \"A09EA928-A8A1-4CEC-A16F-AD65BD31A9D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.24.0\", \"versionEndIncluding\": \"1.24.7\", \"matchCriteriaId\": \"DDE00AE9-4CCC-49AA-B5D4-80A6FAE0FCB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.25.0\", \"versionEndIncluding\": \"1.25.3\", \"matchCriteriaId\": \"A01548FA-CE9A-4ACB-8AC5-C85F16BC134B\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.\"}]",
"id": "CVE-2022-3162",
"lastModified": "2024-11-21T07:18:57.453",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"jordan@liggitt.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}]}",
"published": "2023-03-01T19:15:25.457",
"references": "[{\"url\": \"https://github.com/kubernetes/kubernetes/issues/113756\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230511-0004/\", \"source\": \"jordan@liggitt.net\"}, {\"url\": \"https://github.com/kubernetes/kubernetes/issues/113756\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230511-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "jordan@liggitt.net",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"jordan@liggitt.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-23\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-3162\",\"sourceIdentifier\":\"jordan@liggitt.net\",\"published\":\"2023-03-01T19:15:25.457\",\"lastModified\":\"2024-11-21T07:18:57.453\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"jordan@liggitt.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"jordan@liggitt.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-23\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\
"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.22.15\",\"matchCriteriaId\":\"1780A92B-C6FB-410B-8374-88D1D296816A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.23.0\",\"versionEndIncluding\":\"1.23.13\",\"matchCriteriaId\":\"A09EA928-A8A1-4CEC-A16F-AD65BD31A9D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.24.0\",\"versionEndIncluding\":\"1.24.7\",\"matchCriteriaId\":\"DDE00AE9-4CCC-49AA-B5D4-80A6FAE0FCB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.25.0\",\"versionEndIncluding\":\"1.25.3\",\"matchCriteriaId\":\"A01548FA-CE9A-4ACB-8AC5-C85F16BC134B\"}]}]}],\"references\":[{\"url\":\"https://github.com/kubernetes/kubernetes/issues/113756\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230511-0004/\",\"source\":\"jordan@liggitt.net\"},{\"url\":\"https://github.com/kubernetes/kubernetes/issues/113756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230511-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/issues/113756\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230511-0004/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T01:00:10.812Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-3162\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-07T18:34:51.328440Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-07T18:34:57.650Z\"}}], \"cna\": {\"title\": \"Unauthorized read of Custom Resources\", \"source\": {\"defect\": [\"https://github.com/kubernetes/kubernetes/issues/113756\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Richard Turnbull of NCC Group\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Kubernetes\", \"product\": \"Kubernetes\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"v1.25.3\"}, {\"status\": \"affected\", \"version\": 
\"unspecified\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"v1.24.7\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"v1.23.13\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"v1.22.15\"}]}], \"datePublic\": \"2022-11-10T00:00:00.000Z\", \"references\": [{\"url\": \"https://groups.google.com/g/kubernetes-security-announce/c/iUd550j7kjA\"}, {\"url\": \"https://github.com/kubernetes/kubernetes/issues/113756\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230511-0004/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-23\", \"description\": \"CWE-23 Relative Path Traversal\"}]}], \"providerMetadata\": {\"orgId\": \"a6081bf6-c852-4425-ad4f-a67919267565\", \"shortName\": \"kubernetes\", \"dateUpdated\": \"2023-05-11T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-3162\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-07T18:35:03.127Z\", \"dateReserved\": \"2022-09-08T00:00:00.000Z\", \"assignerOrgId\": \"a6081bf6-c852-4425-ad4f-a67919267565\", \"datePublished\": \"2023-03-01T00:00:00.000Z\", \"assignerShortName\": \"kubernetes\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2023:0772
Vulnerability from csaf_redhat - Published: 2023-02-20 18:33 - Updated: 2026-03-18 02:20
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.12.4 security update
Severity
Moderate
Notes
Topic: Red Hat build of MicroShift release 4.12.4 is now available with updates to packages and images that fix several bugs.
This release includes a security update for the Red Hat build of MicroShift 4.12.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments.
This advisory contains the RPM packages for Red Hat build of MicroShift 4.12.4. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:0769
Security Fix(es):
* kubernetes: Unauthorized read of Custom Resources (CVE-2022-3162)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All the bug fixes may not be documented in this advisory. See the following release notes documentation for details about these changes:
https://access.redhat.com/documentation/en-us/microshift/4.12/html/release_notes/index
All Red Hat build of MicroShift 4.12 users are advised to use these updated packages and images when they are available in the RPM repository.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in kubernetes. Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different kind in the same API group they are not authorized to read.
6.5 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src | — | Vendor Fix fix | |
| Unresolved product id: 8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64 | — | Vendor Fix fix | |
| Unresolved product id: 8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64 | — | Vendor Fix fix | |
| Unresolved product id: 8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch | — | Vendor Fix fix | |
| Unresolved product id: 8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch | — | Vendor Fix fix | |
Threats
Impact
Moderate
References
10 references
Acknowledgments
Kubernetes Security Response Committee
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of MicroShift release 4.12.4 is now available with updates to packages and images that fix several bugs. \n\nThis release includes a security update for the Red Hat build of MicroShift 4.12. \n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of MicroShift is Red Hat\u0027s light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments.\n\nThis advisory contains the RPM packages for Red Hat build of MicroShift 4.12.4. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:0769\n\nSecurity Fix(es):\n\n* kubernetes: Unauthorized read of Custom Resources (CVE-2022-3162)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All the bug fixes may not be documented in this advisory. See the following release notes documentation for details about these changes:\n\nhttps://access.redhat.com/documentation/en-us/microshift/4.12/html/release_notes/index\n\nAll Red Hat build of MicroShift 4.12 users are advised to use these updated packages and images when they are available in the RPM repository.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0772",
"url": "https://access.redhat.com/errata/RHSA-2023:0772"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2136673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136673"
},
{
"category": "external",
"summary": "OCPBUGS-6908",
"url": "https://issues.redhat.com/browse/OCPBUGS-6908"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0772.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.12.4 security update",
"tracking": {
"current_release_date": "2026-03-18T02:20:42+00:00",
"generator": {
"date": "2026-03-18T02:20:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2023:0772",
"initial_release_date": "2023-02-20T18:33:05+00:00",
"revision_history": [
{
"date": "2023-02-20T18:33:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-20T18:33:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:20:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"product": {
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"product_id": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product": {
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product_id": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product": {
"name": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product_id": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift-networking@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product": {
"name": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product_id": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift-release-info@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product": {
"name": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product_id": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift-selinux@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src"
},
"product_reference": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64"
},
"product_reference": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64"
},
"product_reference": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
},
"product_reference": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
},
"product_reference": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.12"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kubernetes Security Response Committee"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-3162",
"discovery_date": "2022-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136673"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kubernetes. Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different kind in the same API group they are not authorized to read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Unauthorized read of Custom Resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3162"
},
{
"category": "external",
"summary": "RHBZ#2136673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136673"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3162",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3162"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3162",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3162"
},
{
"category": "external",
"summary": "https://github.com/kubernetes/kubernetes/issues/113756",
"url": "https://github.com/kubernetes/kubernetes/issues/113756"
}
],
"release_date": "2022-11-10T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-20T18:33:05+00:00",
"details": "MicroShift 4.12.4 - RPMs\n\nFor MicroShift 4.12, read the following documentation, which will be updated shortly for this release, for important instructions on how to install the latest RPMs and fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/4.12/html/release_notes/index",
"product_ids": [
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0772"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Unauthorized read of Custom Resources"
}
]
}
RHSA-2023_0772
Vulnerability from csaf_redhat - Published: 2023-02-20 18:33 - Updated: 2024-11-22 20:52
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.12.4 security update
Severity
Moderate
Notes
Topic: Red Hat build of MicroShift release 4.12.4 is now available with updates to packages and images that fix several bugs.
This release includes a security update for the Red Hat build of MicroShift 4.12.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments.
This advisory contains the RPM packages for Red Hat build of MicroShift 4.12.4. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:0769
Security Fix(es):
* kubernetes: Unauthorized read of Custom Resources (CVE-2022-3162)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All the bug fixes may not be documented in this advisory. See the following release notes documentation for details about these changes:
https://access.redhat.com/documentation/en-us/microshift/4.12/html/release_notes/index
All Red Hat build of MicroShift 4.12 users are advised to use these updated packages and images when they are available in the RPM repository.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
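A flaw was found in kubernetes. Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different kind in the same API group, even though they are not authorized to read that kind. Per the CVE record, a cluster is impacted only when two or more CustomResourceDefinitions share an API group and a user holds cluster-wide list or watch authorization on one of those custom resources without being authorized to read another.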
6.5 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
10 references
Acknowledgments
Kubernetes Security Response Committee
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of MicroShift release 4.12.4 is now available with updates to packages and images that fix several bugs. \n\nThis release includes a security update for the Red Hat build of MicroShift 4.12. \n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of MicroShift is Red Hat\u0027s light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments.\n\nThis advisory contains the RPM packages for Red Hat build of MicroShift 4.12.4. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:0769\n\nSecurity Fix(es):\n\n* kubernetes: Unauthorized read of Custom Resources (CVE-2022-3162)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All the bug fixes may not be documented in this advisory. See the following release notes documentation for details about these changes:\n\nhttps://access.redhat.com/documentation/en-us/microshift/4.12/html/release_notes/index\n\nAll Red Hat build of MicroShift 4.12 users are advised to use these updated packages and images when they are available in the RPM repository.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0772",
"url": "https://access.redhat.com/errata/RHSA-2023:0772"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2136673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136673"
},
{
"category": "external",
"summary": "OCPBUGS-6908",
"url": "https://issues.redhat.com/browse/OCPBUGS-6908"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0772.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.12.4 security update",
"tracking": {
"current_release_date": "2024-11-22T20:52:31+00:00",
"generator": {
"date": "2024-11-22T20:52:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:0772",
"initial_release_date": "2023-02-20T18:33:05+00:00",
"revision_history": [
{
"date": "2023-02-20T18:33:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-20T18:33:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T20:52:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"product": {
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"product_id": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product": {
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product_id": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product": {
"name": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product_id": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift-networking@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product": {
"name": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product_id": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift-release-info@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product": {
"name": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product_id": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microshift-selinux@4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src"
},
"product_reference": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64"
},
"product_reference": "microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64"
},
"product_reference": "microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
},
"product_reference": "microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
},
"product_reference": "microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.12"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kubernetes Security Response Committee"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-3162",
"discovery_date": "2022-10-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136673"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kubernetes. Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different kind in the same API group they are not authorized to read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Unauthorized read of Custom Resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3162"
},
{
"category": "external",
"summary": "RHBZ#2136673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136673"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3162",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3162"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3162",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3162"
},
{
"category": "external",
"summary": "https://github.com/kubernetes/kubernetes/issues/113756",
"url": "https://github.com/kubernetes/kubernetes/issues/113756"
}
],
"release_date": "2022-11-10T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-20T18:33:05+00:00",
"details": "MicroShift 4.12.4 - RPMs\n\nFor MicroShift 4.12, read the following documentation, which will be updated shortly for this release, for important instructions on how to install the latest RPMs and fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/4.12/html/release_notes/index",
"product_ids": [
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0772"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.src",
"8Base-RHOSE-4.12:microshift-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-networking-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.x86_64",
"8Base-RHOSE-4.12:microshift-release-info-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch",
"8Base-RHOSE-4.12:microshift-selinux-0:4.12.4-202302151633.p0.gb9fe8ac.assembly.4.12.4.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Unauthorized read of Custom Resources"
}
]
}
SUSE-SU-2023:2292-1
Vulnerability from csaf_suse - Published: 2023-05-25 07:21 - Updated: 2023-05-25 07:21
Summary
Security update for kubernetes1.23
Severity
Moderate
Notes
Title of the patch: Security update for kubernetes1.23
Description of the patch: This update for kubernetes1.23 fixes the following issues:
- add kubernetes1.18-client-common as conflicts with kubernetes-client-bash-completion
- Split individual completions into separate packages
Update to version 1.23.17:
* releng: Update images, dependencies and version to Go 1.19.6
* Update golang.org/x/net to v0.7.0
* Pin golang.org/x/net to v0.4.0
* add scale test for probes
* use custom dialer for http probes
* use custom dialer for tcp probes
* add custom dialer optimized for probes
* egress_selector: prevent goroutines leak on connect() step.
* tls.Dial() validates hostname, no need to do that manually
* Fix issue that Audit Server could not correctly encode DeleteOption
* Do not include scheduler name in the preemption event message
* Do not leak cross namespace pod metadata in preemption events
* pkg/controller/job: re-honor exponential backoff
* releng: Update images, dependencies and version to Go 1.19.5
* Bump Konnectivity to v0.0.35
* Improve vendor verification works for each staging repo
* Update to go1.19
* Adjust for os/exec changes in 1.19
* Update golangci-lint to 1.46.2 and fix errors
* Match go1.17 defaults for SHA-1 and GC
* update golangci-lint to 1.45.0
* kubelet: make the image pull time more accurate in event
* change k8s.gcr.io/pause to registry.k8s.io/pause
* use etcd 3.5.6-0 after promotion
* changelog: CVE-2022-3294 and CVE-2022-3162 were fixed in v1.23.14
* Add CVE-2021-25749 to CHANGELOG-1.23.md
* Add CVE-2022-3294 to CHANGELOG-1.23.md
* kubeadm: use registry.k8s.io instead of k8s.gcr.io
* etcd: Updated to v3.5.5
* Bump konnectivity network proxy to v0.0.33. Includes a couple bug fixes for better handling of dial failures. [Agent & Server](https://github.com/kubernetes-sigs/apiserver-network-proxy/commits/v0.0.33) include numerous other fixes.
* kubeadm: allow RSA and ECDSA format keys in preflight check
* Fixes kubelet log compression on Windows
* Reduce default gzip compression level from 4 to 1 in apiserver
* exec auth: support TLS config caching
* Marshal MicroTime to json and proto at the same precision
* Windows: ensure runAsNonRoot does case-insensitive comparison on user name
* update structured-merge-diff to 4.2.3
* Add rate limiting when calling STS assume role API
* Fixing an issue in generatePodSandboxWindowsConfig for hostProcess containers where the pod sandbox won't have the HostProcess bit set if the pod does not have a security context but its containers specify HostProcess.
Patchnames: SUSE-2023-2292,SUSE-SLE-Module-Containers-15-SP4-2023-2292,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2292,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2292,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2292,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2292,SUSE-Storage-7.1-2023-2292
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.6 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.23",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.23 fixes the following issues:\n\n- add kubernetes1.18-client-common as conflicts with kubernetes-client-bash-completion \n\n- Split individual completions into separate packages\n\nUpdate to version 1.23.17:\n\n * releng: Update images, dependencies and version to Go 1.19.6\n * Update golang.org/x/net to v0.7.0\n * Pin golang.org/x/net to v0.4.0\n * add scale test for probes\n * use custom dialer for http probes\n * use custom dialer for tcp probes\n * add custom dialer optimized for probes\n * egress_selector: prevent goroutines leak on connect() step.\n * tls.Dial() validates hostname, no need to do that manually\n * Fix issue that Audit Server could not correctly encode DeleteOption\n * Do not include scheduler name in the preemption event message\n * Do not leak cross namespace pod metadata in preemption events\n * pkg/controller/job: re-honor exponential backoff\n * releng: Update images, dependencies and version to Go 1.19.5\n * Bump Konnectivity to v0.0.35\n * Improve vendor verification works for each staging repo\n * Update to go1.19\n * Adjust for os/exec changes in 1.19\n * Update golangci-lint to 1.46.2 and fix errors\n * Match go1.17 defaults for SHA-1 and GC\n * update golangci-lint to 1.45.0\n * kubelet: make the image pull time more accurate in event\n * change k8s.gcr.io/pause to registry.k8s.io/pause\n * use etcd 3.5.6-0 after promotion\n * changelog: CVE-2022-3294 and CVE-2022-3162 were fixed in v1.23.14\n * Add CVE-2021-25749 to CHANGELOG-1.23.md\n * Add CVE-2022-3294 to CHANGELOG-1.23.md\n * kubeadm: use registry.k8s.io instead of k8s.gcr.io\n * etcd: Updated to v3.5.5\n * Bump konnectivity network proxy to v0.0.33. Includes a couple bug fixes for better handling of dial failures. [Agent \u0026 Server](https://github.com/kubernetes-sigs/apiserver-network-proxy/commits/v0.0.33) include numerous other fixes.\n * kubeadm: allow RSA and ECDSA format keys in preflight check\n * Fixes kubelet log compression on Windows\n * Reduce default gzip compression level from 4 to 1 in apiserver\n * exec auth: support TLS config caching\n * Marshal MicroTime to json and proto at the same precision\n * Windows: ensure runAsNonRoot does case-insensitive comparison on user name\n * update structured-merge-diff to 4.2.3\n * Add rate limiting when calling STS assume role API\n * Fixing issue in generatePodSandboxWindowsConfig for hostProcess containers by where pod sandbox won\u0027t have HostProcess bit set if pod does not have a security context but containers specify HostProcess.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2292,SUSE-SLE-Module-Containers-15-SP4-2023-2292,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2292,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2292,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2292,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2292,SUSE-Storage-7.1-2023-2292",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2292-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2292-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232292-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2292-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-May/029534.html"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25749 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3162 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3294/"
}
],
"title": "Security update for kubernetes1.23",
"tracking": {
"current_release_date": "2023-05-25T07:21:44Z",
"generator": {
"date": "2023-05-25T07:21:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2292-1",
"initial_release_date": "2023-05-25T07:21:44Z",
"revision_history": [
{
"date": "2023-05-25T07:21:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.aarch64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.aarch64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.6.1.noarch",
"product": {
"name": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.6.1.noarch",
"product_id": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.6.1.noarch",
"product": {
"name": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.6.1.noarch",
"product_id": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.ppc64le",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.ppc64le",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.s390x",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.s390x",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.x86_64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.x86_64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-25749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25749"
}
],
"notes": [
{
"category": "general",
"text": "Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25749",
"url": "https://www.suse.com/security/cve/CVE-2021-25749"
},
{
"category": "external",
"summary": "SUSE Bug 1203475 for CVE-2021-25749",
"url": "https://bugzilla.suse.com/1203475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T07:21:44Z",
"details": "important"
}
],
"title": "CVE-2021-25749"
},
{
"cve": "CVE-2022-3162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3162"
}
],
"notes": [
{
"category": "general",
"text": "Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3162",
"url": "https://www.suse.com/security/cve/CVE-2022-3162"
},
{
"category": "external",
"summary": "SUSE Bug 1204388 for CVE-2022-3162",
"url": "https://bugzilla.suse.com/1204388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T07:21:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-3162"
},
{
"cve": "CVE-2022-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3294"
}
],
"notes": [
{
"category": "general",
"text": "Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to reach the API server\u0027s private network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3294",
"url": "https://www.suse.com/security/cve/CVE-2022-3294"
},
{
"category": "external",
"summary": "SUSE Bug 1204387 for CVE-2022-3294",
"url": "https://bugzilla.suse.com/1204387"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Enterprise Storage 7.1:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-1.23.17-150300.7.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:kubernetes1.23-client-common-1.23.17-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T07:21:44Z",
"details": "moderate"
}
],
"title": "CVE-2022-3294"
}
]
}
WID-SEC-W-2022-2017
Vulnerability from csaf_certbund - Published: 2022-11-10 23:00 - Updated: 2023-07-04 22:00
Summary
Kubernetes: Schwachstelle ermöglicht Offenlegung von Informationen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Kubernetes ist ein Werkzeug zur Automatisierung der Bereitstellung, Skalierung und Verwaltung von containerisierten Anwendungen.
Angriff: Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Kubernetes ausnutzen, um Informationen offenzulegen.
Betroffene Betriebssysteme:
- UNIX
- Linux
- Windows
Es existiert eine Schwachstelle in Kubernetes. Diese ist auf einen Fehler bei der Vergabe von Leserechten für custom-namespaces zurückzuführen. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat OpenShift<br>Red Hat / OpenShift | cpe:/a:redhat:openshift:- | — | |
| SUSE Linux<br>SUSE | cpe:/o:suse:suse_linux:- | — | |
| IBM InfoSphere Information Server 11.7<br>IBM | cpe:/a:ibm:infosphere_information_server:11.7 | — | |
| Red Hat OpenShift Container Platform 4.12<br>Red Hat / OpenShift | cpe:/a:redhat:openshift:container_platform_4.12 | — | |
| Oracle Linux<br>Oracle | cpe:/o:oracle:linux:- | — | |
References
15 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Kubernetes ist ein Werkzeug zur Automatisierung der Bereitstellung, Skalierung und Verwaltung von containerisierten Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Kubernetes ausnutzen, um Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-2017 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2017.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-2017 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2017"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12563 vom 2023-07-03",
"url": "https://linux.oracle.com/errata/ELSA-2023-12563.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2292-1 vom 2023-05-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014985.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6988149 vom 2023-05-24",
"url": "https://www.ibm.com/support/pages/node/6988149"
},
{
"category": "external",
"summary": "Github Issue for Kubernetes vom 2022-11-10",
"url": "https://github.com/kubernetes/kubernetes/issues/113756"
},
{
"category": "external",
"summary": "Eintrag in der OSS-Mailinglist vom 2022-11-10",
"url": "https://seclists.org/oss-sec/2022/q4/136"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-10033 vom 2022-11-30",
"url": "https://linux.oracle.com/errata/ELSA-2022-10033.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-10036 vom 2022-11-29",
"url": "https://linux.oracle.com/errata/ELSA-2022-10036.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12014 vom 2023-01-11",
"url": "https://linux.oracle.com/errata/ELSA-2023-12014.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12011 vom 2023-01-11",
"url": "https://linux.oracle.com/errata/ELSA-2023-12011.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12012 vom 2023-01-11",
"url": "https://linux.oracle.com/errata/ELSA-2023-12012.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12013 vom 2023-01-11",
"url": "https://linux.oracle.com/errata/ELSA-2023-12013.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7398 vom 2023-01-18",
"url": "https://access.redhat.com/errata/RHSA-2022:7398"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0772 vom 2023-02-21",
"url": "https://access.redhat.com/errata/RHSA-2023:0772"
}
],
"source_lang": "en-US",
"title": "Kubernetes: Schwachstelle erm\u00f6glicht Offenlegung von Informationen",
"tracking": {
"current_release_date": "2023-07-04T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:37:53.900+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-2017",
"initial_release_date": "2022-11-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-11-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-11-13T23:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-2004702D98"
},
{
"date": "2022-11-20T23:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-8647729FF8"
},
{
"date": "2022-11-29T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-12-11T23:00:00.000+00:00",
"number": "5",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-87DC671571"
},
{
"date": "2023-01-10T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-01-17T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-20T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-23T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2023-05-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-07-04T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM InfoSphere Information Server 11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source Kubernetes \u003c v1.25.4",
"product": {
"name": "Open Source Kubernetes \u003c v1.25.4",
"product_id": "T025300",
"product_identification_helper": {
"cpe": "cpe:/a:kubernetes:kubernetes:v1.25.4"
}
}
},
{
"category": "product_name",
"name": "Open Source Kubernetes \u003c v1.24.8",
"product": {
"name": "Open Source Kubernetes \u003c v1.24.8",
"product_id": "T025307",
"product_identification_helper": {
"cpe": "cpe:/a:kubernetes:kubernetes:v1.24.8"
}
}
},
{
"category": "product_name",
"name": "Open Source Kubernetes \u003c v1.23.14",
"product": {
"name": "Open Source Kubernetes \u003c v1.23.14",
"product_id": "T025309",
"product_identification_helper": {
"cpe": "cpe:/a:kubernetes:kubernetes:v1.23.14"
}
}
},
{
"category": "product_name",
"name": "Open Source Kubernetes \u003c v1.22.16",
"product": {
"name": "Open Source Kubernetes \u003c v1.22.16",
"product_id": "T025310",
"product_identification_helper": {
"cpe": "cpe:/a:kubernetes:kubernetes:v1.22.16"
}
}
}
],
"category": "product_name",
"name": "Kubernetes"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift",
"product": {
"name": "Red Hat OpenShift",
"product_id": "T008027",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "T026435",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.12"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3162",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Kubernetes. Diese ist auf einen Fehler bei der Vergabe von Leserechten f\u00fcr custom-namespaces zur\u00fcckzuf\u00fchren. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T008027",
"T002207",
"444803",
"T026435",
"T004914"
]
},
"release_date": "2022-11-10T23:00:00.000+00:00",
"title": "CVE-2022-3162"
}
]
}
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.