Action not permitted
Modal body text goes here.
CVE-2022-3517
Vulnerability from cvelistv5
Published
2022-10-17 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:02.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6" }, { "tags": [ "x_transferred" ], "url": "https://github.com/grafana/grafana-image-renderer/issues/329" }, { "name": "[debian-lts-announce] 20230115 [SECURITY] [DLA 3271-1] node-minimatch security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html" }, { "name": "FEDORA-2023-ce8943223c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/" }, { "name": "FEDORA-2023-18fd476362", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "minimatch", "vendor": "n/a", "versions": [ { "status": "affected", "version": "minimatch versions prior to 3.0.5" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-21T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6" }, { "url": "https://github.com/grafana/grafana-image-renderer/issues/329" }, { "name": "[debian-lts-announce] 20230115 [SECURITY] [DLA 3271-1] node-minimatch security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html" }, { "name": "FEDORA-2023-ce8943223c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/" }, { "name": "FEDORA-2023-18fd476362", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-3517", "datePublished": "2022-10-17T00:00:00", "dateReserved": "2022-10-14T00:00:00", "dateUpdated": "2024-08-03T01:14:02.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-3517\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2022-10-17T20:15:09.937\",\"lastModified\":\"2023-11-07T03:51:21.323\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado una vulnerabilidad en el paquete minimatch. Este fallo permite una Denegaci\u00f3n de Servicio por Expresi\u00f3n Regular (ReDoS) cuando es llamada a la funci\u00f3n braceExpand con argumentos espec\u00edficos, resultando en una Denegaci\u00f3n de Servicio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:minimatch_project:minimatch:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"3.0.5\",\"matchCriteriaId\":\"0987C222-DE34-4C3D-BBEB-BDD1C8E202F6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]}],\"references\":[{\"url\":\"https://github.com/grafana/grafana-image-renderer/issues/329\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/\",\"source\":\"secalert@redhat.com\"}]}}" } }
rhsa-2023_0050
Vulnerability from csaf_redhat
Published
2023-01-09 14:55
Modified
2024-11-06 02:11
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.21.1), nodejs-nodemon (2.0.20).
Security Fix(es):
* minimist: prototype pollution (CVE-2021-44906)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.21.1), nodejs-nodemon (2.0.20).\n\nSecurity Fix(es):\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0050", "url": "https://access.redhat.com/errata/RHSA-2023:0050" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142821", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142821" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0050.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T02:11:47+00:00", "generator": { "date": "2024-11-06T02:11:47+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:0050", "initial_release_date": "2023-01-09T14:55:37+00:00", "revision_history": [ { "date": "2023-01-09T14:55:37+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-09T14:55:37+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:11:47+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8070020221212161539:bd1311ed", "product": { "name": "nodejs:14:8070020221212161539:bd1311ed", "product_id": "nodejs:14:8070020221212161539:bd1311ed", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8070020221212161539:bd1311ed" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "product": { "name": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "product_id": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "product_id": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.17-1.14.21.1.2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "product": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "product_id": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.17-1.14.21.1.2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.17-1.14.21.1.2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.17-1.14.21.1.2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, "product_reference": "nodejs:14:8070020221212161539:bd1311ed", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch" }, "product_reference": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-0235", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2022-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2044591" } ], "notes": [ { "category": "description", "text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", "title": "Vulnerability description" }, { "category": "summary", "text": "node-fetch: exposure of sensitive information to an unauthorized actor", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-0235" }, { "category": "external", "summary": "RHBZ#2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235" }, { "category": "external", "summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", "url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/" } ], "release_date": "2022-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "node-fetch: exposure of sensitive information to an unauthorized actor" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" } ] }
rhsa-2023_1742
Vulnerability from csaf_redhat
Published
2023-04-12 15:04
Modified
2024-11-06 02:44
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.21.3).
Security Fix(es):
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)
* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)
* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)
* minimist: prototype pollution (CVE-2021-44906)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)
* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)
* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)
* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.21.3).\n\nSecurity Fix(es):\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)\n\n* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)\n\n* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1742", "url": "https://access.redhat.com/errata/RHSA-2023:1742" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142822" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "2175827", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175827" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1742.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T02:44:39+00:00", "generator": { "date": "2024-11-06T02:44:39+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:1742", "initial_release_date": "2023-04-12T15:04:47+00:00", "revision_history": [ { "date": "2023-04-12T15:04:47+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-04-12T15:04:47+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:44:39+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.6::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8060020230306170237:ad008a3a", "product": { "name": "nodejs:14:8060020230306170237:ad008a3a", "product_id": "nodejs:14:8060020230306170237:ad008a3a", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8060020230306170237:ad008a3a" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "product": { "name": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "product_id": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, "product_reference": "nodejs:14:8060020230306170237:ad008a3a", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch" }, "product_reference": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44531", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040839" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js where it accepted a certificate\u0027s Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active person-in-the-middle to forge a certificate and impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Improper handling of URI Subject Alternative Names", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44531" }, { "category": "external", "summary": "RHBZ#2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44531", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Improper handling of URI Subject Alternative Names" }, { "cve": "CVE-2021-44532", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040846" } ], "notes": [ { "category": "description", "text": "It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Certificate Verification Bypass via String Injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44532" }, { "category": "external", "summary": "RHBZ#2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44532", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44532" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Certificate Verification Bypass via String Injection" }, { "cve": "CVE-2021-44533", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040856" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Incorrect handling of certificate subject and issuer fields", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally, there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore, the Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44533" }, { "category": "external", "summary": "RHBZ#2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44533", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44533" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Incorrect handling of certificate subject and issuer fields" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-0235", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2022-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2044591" } ], "notes": [ { "category": "description", "text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", "title": "Vulnerability description" }, { "category": "summary", "text": "node-fetch: exposure of sensitive information to an unauthorized actor", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-0235" }, { "category": "external", "summary": "RHBZ#2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235" }, { "category": "external", "summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", "url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/" } ], "release_date": "2022-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "node-fetch: exposure of sensitive information to an unauthorized actor" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-4904", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2168631" } ], "notes": [ { "category": "description", "text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "c-ares: buffer overflow in config_sortlist() due to missing string length check", "title": "Vulnerability summary" }, { "category": "other", "text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4904" }, { "category": "external", "summary": "RHBZ#2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4904" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904" }, { "category": "external", "summary": "https://github.com/c-ares/c-ares/issues/496", "url": "https://github.com/c-ares/c-ares/issues/496" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "c-ares: buffer overflow in config_sortlist() due to missing string length check" }, { "cve": "CVE-2022-21824", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040862" } ], "notes": [ { "category": "description", "text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Prototype pollution via console.table properties", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-21824" }, { "category": "external", "summary": "RHBZ#2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21824", "url": "https://www.cve.org/CVERecord?id=CVE-2022-21824" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs: Prototype pollution via console.table properties" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-25881", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2165824" } ], "notes": [ { "category": "description", "text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25881" }, { "category": "external", "summary": "RHBZ#2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881" } ], "release_date": "2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability" }, { "acknowledgments": [ { "names": [ "VVX7" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-35256", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-09-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2130518" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the HTTP module in Node.js does not correctly handle header fields that are not terminated with CLRF. This issue may result in HTTP Request Smuggling. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-35256" }, { "category": "external", "summary": "RHBZ#2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-35256", "url": "https://www.cve.org/CVERecord?id=CVE-2022-35256" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256", "url": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256" } ], "release_date": "2022-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields" }, { "cve": "CVE-2022-38900", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-02-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170644" } ], "notes": [ { "category": "description", "text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "decode-uri-component: improper input validation resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38900" }, { "category": "external", "summary": "RHBZ#2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900" }, { "category": "external", "summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5", "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq", "url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "decode-uri-component: improper input validation resulting in DoS" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" }, { "cve": "CVE-2023-23918", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2171935" } ], "notes": [ { "category": "description", "text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: Permissions policies can be bypassed via process.mainModule", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23918" }, { "category": "external", "summary": "RHBZ#2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Node.js: Permissions policies can be bypassed via process.mainModule" }, { "cve": "CVE-2023-23920", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2172217" } ], "notes": [ { "category": "description", "text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23920" }, { "category": "external", "summary": "RHBZ#2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23920" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable" } ] }
rhsa-2023_3742
Vulnerability from csaf_redhat
Published
2023-06-21 15:22
Modified
2024-11-06 03:15
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
Security Fix(es):
* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)
* vault: GCP Auth Method Allows Authentication Bypass (CVE-2020-16251)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)
* vault: incorrect policy enforcement (CVE-2021-43998)
* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)
* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)
* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)
* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass (CVE-2022-23540)
* jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (CVE-2022-23541)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)
* consul: Consul Template May Expose Vault Secrets When Processing Invalid Input (CVE-2022-38149)
* vault: insufficient certificate revocation list checking (CVE-2022-41316)
* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)
* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* vault: Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File (CVE-2023-0620)
* hashicorp/vault: Vault’s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata (CVE-2023-0665)
* Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation (CVE-2023-24999)
* hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations (CVE-2023-25000)
* validator: Inefficient Regular Expression Complexity in Validator.js (CVE-2021-3765)
* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)
* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nSecurity Fix(es):\n\n* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* vault: Hashicorp Vault AWS IAM Integration Authentication Bypass (CVE-2020-16250)\n\n* vault: GCP Auth Method Allows Authentication Bypass (CVE-2020-16251)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)\n\n* vault: incorrect policy enforcement (CVE-2021-43998)\n\n* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)\n\n* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)\n\n* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass (CVE-2022-23540)\n\n* jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (CVE-2022-23541)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n\n* consul: Consul Template May Expose Vault Secrets When Processing Invalid Input (CVE-2022-38149)\n\n* vault: insufficient certificate revocation list checking (CVE-2022-41316)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\n* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)\n\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n\n* vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File (CVE-2023-0620)\n\n* hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata (CVE-2023-0665)\n\n* Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation (CVE-2023-24999)\n\n* hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations (CVE-2023-25000)\n\n* validator: Inefficient Regular Expression Complexity in Validator.js (CVE-2021-3765)\n\n* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:3742", "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index" }, { "category": "external", "summary": "1786696", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786696" }, { "category": "external", "summary": "1855339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855339" }, { "category": "external", "summary": "1943137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943137" }, { "category": "external", "summary": "1944687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944687" }, { "category": "external", "summary": "1989088", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989088" }, { "category": "external", "summary": "2005040", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005040" }, { "category": "external", "summary": "2005830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005830" }, { "category": "external", "summary": "2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "2028193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028193" }, { "category": "external", "summary": "2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "2042914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042914" }, { "category": "external", "summary": "2052252", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052252" }, { "category": "external", "summary": "2101497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101497" }, { "category": "external", "summary": "2101916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101916" }, { "category": "external", "summary": "2102304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102304" }, { "category": "external", "summary": "2104148", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104148" }, { "category": "external", "summary": "2107388", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388" }, { "category": "external", "summary": "2113814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814" }, { "category": "external", "summary": "2115020", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115020" }, { "category": "external", "summary": "2115616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115616" }, { "category": "external", "summary": "2119551", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119551" }, { "category": "external", "summary": "2120098", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120098" }, { "category": "external", "summary": "2120944", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120944" }, { "category": "external", "summary": "2124668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668" }, { "category": "external", "summary": "2124669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669" }, { "category": "external", "summary": "2126299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299" }, { "category": "external", "summary": "2132867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867" }, { "category": "external", "summary": "2132868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868" }, { "category": "external", "summary": "2132872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2135339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135339" }, { "category": "external", "summary": "2139037", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139037" }, { "category": "external", "summary": "2141095", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141095" }, { "category": "external", "summary": "2142651", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142651" }, { "category": "external", "summary": "2142894", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142894" }, { "category": "external", "summary": "2142941", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142941" }, { "category": "external", "summary": "2143944", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143944" }, { "category": "external", "summary": "2144256", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144256" }, { "category": "external", "summary": "2151903", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151903" }, { "category": "external", "summary": "2152143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152143" }, { "category": "external", "summary": "2154250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154250" }, { "category": "external", "summary": "2155507", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155507" }, { "category": "external", "summary": "2155743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155743" }, { "category": "external", "summary": "2156067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156067" }, { "category": "external", "summary": "2156069", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156069" }, { "category": "external", "summary": "2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "2156519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156519" }, { "category": "external", "summary": "2156727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156727" }, { "category": "external", "summary": "2156729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156729" }, { "category": "external", "summary": "2157876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2157876" }, { "category": "external", "summary": "2158922", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158922" }, { "category": "external", "summary": "2159676", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159676" }, { "category": "external", "summary": "2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "2161879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161879" }, { "category": "external", "summary": "2161937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161937" }, { "category": "external", "summary": "2162257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162257" }, { "category": "external", "summary": "2164617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164617" }, { "category": "external", "summary": "2165495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165495" }, { "category": "external", "summary": "2165504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165504" }, { "category": "external", "summary": "2165929", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165929" }, { "category": "external", "summary": "2165938", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165938" }, { "category": "external", "summary": "2165984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165984" }, { "category": "external", "summary": "2166222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166222" }, { "category": "external", "summary": "2166234", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166234" }, { "category": "external", "summary": "2166869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166869" }, { "category": "external", "summary": "2167299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167299" }, { "category": "external", "summary": "2167308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167308" }, { "category": "external", "summary": "2167337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167337" }, { "category": "external", "summary": "2167340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167340" }, { "category": "external", "summary": "2167946", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167946" }, { "category": "external", "summary": "2168113", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168113" }, { "category": "external", "summary": "2168635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168635" }, { "category": "external", "summary": "2168840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168840" }, { "category": "external", "summary": "2168849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168849" }, { "category": "external", "summary": "2169375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169375" }, { "category": "external", "summary": "2169378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169378" }, { "category": "external", "summary": "2169779", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169779" }, { "category": "external", "summary": "2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "2170673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170673" }, { "category": "external", "summary": "2172089", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172089" }, { "category": "external", "summary": "2172365", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172365" }, { "category": "external", "summary": "2172521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172521" }, { "category": "external", "summary": "2173161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173161" }, { "category": "external", "summary": "2173528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173528" }, { "category": "external", "summary": "2173534", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173534" }, { "category": "external", "summary": "2173926", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173926" }, { "category": "external", "summary": "2175612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175612" }, { "category": "external", "summary": "2175685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175685" }, { "category": "external", "summary": "2175714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175714" }, { "category": "external", "summary": "2175867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175867" }, { "category": "external", "summary": "2176080", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176080" }, { "category": "external", "summary": "2176456", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176456" }, { "category": "external", "summary": "2176739", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176739" }, { "category": "external", "summary": "2176776", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176776" }, { "category": "external", "summary": "2176798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176798" }, { "category": "external", "summary": "2176809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176809" }, { "category": "external", "summary": "2177134", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177134" }, { "category": "external", "summary": "2177221", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177221" }, { "category": "external", "summary": "2177325", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177325" }, { "category": "external", "summary": "2177695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177695" }, { "category": "external", "summary": "2177844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177844" }, { "category": "external", "summary": "2178033", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178033" }, { "category": "external", "summary": "2178358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358" }, { "category": "external", "summary": "2178488", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488" }, { "category": "external", "summary": "2178492", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492" }, { "category": "external", "summary": "2178588", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178588" }, { "category": "external", "summary": "2178619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178619" }, { "category": "external", "summary": "2178682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178682" }, { "category": "external", "summary": "2179133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179133" }, { "category": "external", "summary": "2179337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179337" }, { "category": "external", "summary": "2179403", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179403" }, { "category": "external", "summary": "2179846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179846" }, { "category": "external", "summary": "2179860", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179860" }, { "category": "external", "summary": "2179976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179976" }, { "category": "external", "summary": "2179981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179981" }, { "category": "external", "summary": "2179997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179997" }, { "category": "external", "summary": "2180211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180211" }, { "category": "external", "summary": "2180397", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180397" }, { "category": "external", "summary": "2180440", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180440" }, { "category": "external", "summary": "2180921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180921" }, { "category": "external", "summary": "2181112", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181112" }, { "category": "external", "summary": "2181133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181133" }, { "category": "external", "summary": "2181446", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181446" }, { "category": "external", "summary": "2181535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181535" }, { "category": "external", "summary": "2181551", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181551" }, { "category": "external", "summary": "2181832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181832" }, { "category": "external", "summary": "2181949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181949" }, { "category": "external", "summary": "2182041", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182041" }, { "category": "external", "summary": "2182296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182296" }, { "category": "external", "summary": "2182375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182375" }, { "category": "external", "summary": "2182644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182644" }, { "category": "external", "summary": "2182664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182664" }, { "category": "external", "summary": "2182703", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182703" }, { "category": "external", "summary": "2182972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182972" }, { "category": "external", "summary": "2182981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182981" }, { "category": "external", "summary": "2183155", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183155" }, { "category": "external", "summary": "2183196", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183196" }, { "category": "external", "summary": "2183266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183266" }, { "category": "external", "summary": "2183457", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183457" }, { "category": "external", "summary": "2183478", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183478" }, { "category": "external", "summary": "2183520", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183520" }, { "category": "external", "summary": "2184068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184068" }, { "category": "external", "summary": "2184605", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184605" }, { "category": "external", "summary": "2184663", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184663" }, { "category": "external", "summary": "2184769", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184769" }, { "category": "external", "summary": "2184773", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184773" }, { "category": "external", "summary": "2184892", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184892" }, { "category": "external", "summary": "2184984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184984" }, { "category": "external", "summary": "2185164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185164" }, { "category": "external", "summary": "2185188", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185188" }, { "category": "external", "summary": "2185757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185757" }, { "category": "external", "summary": "2185871", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185871" }, { "category": "external", "summary": "2186171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186171" }, { "category": "external", "summary": "2186225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186225" }, { "category": "external", "summary": "2186475", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186475" }, { "category": "external", "summary": "2186752", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186752" }, { "category": "external", "summary": "2187251", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187251" }, { "category": "external", "summary": "2187296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187296" }, { "category": "external", "summary": "2187736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187736" }, { "category": "external", "summary": "2187952", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187952" }, { "category": "external", "summary": "2187969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187969" }, { "category": "external", "summary": "2187986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187986" }, { "category": "external", "summary": "2188053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188053" }, { "category": "external", "summary": "2188238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188238" }, { "category": "external", "summary": "2188303", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188303" }, { "category": "external", "summary": "2188427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188427" }, { "category": "external", "summary": "2188666", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188666" }, { "category": "external", "summary": "2189483", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189483" }, { "category": "external", "summary": "2189929", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189929" }, { "category": "external", "summary": "2189982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189982" }, { "category": "external", "summary": "2189984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189984" }, { "category": "external", "summary": "2190129", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190129" }, { "category": "external", "summary": "2190241", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190241" }, { "category": "external", "summary": "2192088", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192088" }, { "category": "external", "summary": "2192670", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192670" }, { "category": "external", "summary": "2192824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192824" }, { "category": "external", "summary": "2192875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192875" }, { "category": "external", "summary": "2193114", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193114" }, { "category": "external", "summary": "2193220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2193220" }, { "category": "external", "summary": "2196176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196176" }, { "category": "external", "summary": "2196236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196236" }, { "category": "external", "summary": "2196298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196298" }, { "category": "external", "summary": "2203795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203795" }, { "category": "external", "summary": "2208029", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208029" }, { "category": "external", "summary": "2208079", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208079" }, { "category": "external", "summary": "2208269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208269" }, { "category": "external", "summary": "2208558", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208558" }, { "category": "external", "summary": "2208962", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208962" }, { "category": "external", "summary": "2209364", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209364" }, { "category": "external", "summary": "2209643", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209643" }, { "category": "external", "summary": "2209695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209695" }, { "category": "external", "summary": "2210964", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210964" }, { "category": "external", "summary": "2211334", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211334" }, { "category": "external", "summary": "2211343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211343" }, { "category": "external", "summary": "2211704", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211704" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3742.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update", "tracking": { "current_release_date": "2024-11-06T03:15:04+00:00", "generator": { "date": "2024-11-06T03:15:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:3742", "initial_release_date": "2023-06-21T15:22:11+00:00", "revision_history": [ { "date": "2023-06-21T15:22:11+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-06-22T19:51:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T03:15:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHODF 4.13 for RHEL 9", "product": { "name": "RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_data_foundation:4.13::el9" } } } ], "category": "product_family", "name": "Red Hat OpenShift Data Foundation" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "product": { "name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "product_id": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "product": { "name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "product_id": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "product": { "name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "product_id": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "product": { "name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "product_id": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "product": { "name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "product_id": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "product_id": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "product_id": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "product": { "name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "product_id": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "product": { "name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "product_id": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "product": { "name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "product_id": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "product_id": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "product": { "name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "product_id": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "product": { "name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "product_id": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "product_id": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "product_id": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "product": { "name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "product_id": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "product": { "name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "product_id": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "product": { "name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "product_id": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "product": { "name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "product_id": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "product": { "name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "product_id": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "product": { "name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "product_id": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "product_id": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "product_id": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "product": { "name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "product_id": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "product": { "name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "product_id": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "product": { "name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "product_id": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "product_id": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "product": { "name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "product_id": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "product": { "name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "product_id": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "product_id": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "product_id": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "product": { "name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "product_id": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "product": { "name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "product_id": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "product": { "name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "product_id": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "product": { "name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "product_id": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "product": { "name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "product_id": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "product": { "name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "product_id": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "product_id": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "product_id": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "product": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.13.0-78" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "product": { "name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "product_id": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "product": { "name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "product_id": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "product": { "name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "product_id": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.13.0-85" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "product": { "name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "product_id": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.13.0-81" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "product_id": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "product": { "name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "product_id": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "product": { "name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "product_id": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "product_id": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.13.0-218" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "product_id": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.13.0-217" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "product": { "name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "product_id": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "product": { "name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "product_id": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.13.0-70" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "product": { "name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "product_id": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "product_identification_helper": { "purl": "pkg:oci/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "product": { "name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "product_id": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "product": { "name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "product_id": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.13.0-41" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "product": { "name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "product_id": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.13.0-17" } } }, { "category": "product_version", "name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "product": { "name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "product_id": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.13.0-67" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "product": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "product": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "product_id": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.13.0-18" } } }, { "category": "product_version", "name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "product": { "name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "product_id": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.13.0-35" } } }, { "category": "product_version", "name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "product": { "name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "product_id": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.13.0-24" } } }, { "category": "product_version", "name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "product": { "name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "product_id": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.13.0-33" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64" }, "product_reference": "odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x" }, "product_reference": "odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" }, "product_reference": "odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64" }, "product_reference": "odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64" }, "product_reference": "odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x" }, "product_reference": "odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le" }, "product_reference": "odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le" }, "product_reference": "odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x" }, "product_reference": "odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64" }, "product_reference": "odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" }, "product_reference": "odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le" }, "product_reference": "odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x" }, "product_reference": "odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64" }, "product_reference": "odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" }, "product_reference": "odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64" }, "product_reference": "odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x" }, "product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le" }, "product_reference": "odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x" }, "product_reference": "odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64" }, "product_reference": "odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le" }, "product_reference": "odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64" }, "product_reference": "odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le" }, "product_reference": "odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x" }, "product_reference": "odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64" }, "product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x" }, "product_reference": "odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le" }, "product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le" }, "product_reference": "odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le" }, "product_reference": "odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x" }, "product_reference": "odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64" }, "product_reference": "odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x" }, "product_reference": "odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64" }, "product_reference": "odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64" }, "product_reference": "odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" }, "product_reference": "odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le" }, "product_reference": "odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64" }, "product_reference": "odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64" }, "product_reference": "odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" }, "product_reference": "odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64 as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "relates_to_product_reference": "9Base-RHODF-4.13" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le as a component of RHODF 4.13 for RHEL 9", "product_id": "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" }, "product_reference": "odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le", "relates_to_product_reference": "9Base-RHODF-4.13" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-16250", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2023-02-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2167337" } ], "notes": [ { "category": "description", "text": "A flaw was found in Vault and Vault Enterprise (\u201cVault\u201d). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM identities and roles may be manipulated and bypass authentication.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: Hashicorp Vault AWS IAM Integration Authentication Bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-16250" }, { "category": "external", "summary": "RHBZ#2167337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167337" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-16250", "url": "https://www.cve.org/CVERecord?id=CVE-2020-16250" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16250", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16250" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2020-16-vault-s-aws-auth-method-allows-authentication-bypass/18101", "url": "https://discuss.hashicorp.com/t/hcsec-2020-16-vault-s-aws-auth-method-allows-authentication-bypass/18101" } ], "release_date": "2020-08-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: Hashicorp Vault AWS IAM Integration Authentication Bypass" }, { "cve": "CVE-2020-16251", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2023-02-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2167340" } ], "notes": [ { "category": "description", "text": "A flaw was found in Vault and Vault Enterprise (\u201cVault\u201d). In affected versions of Vault, with the GCP Auth Method configured and under certain circumstances, the values relied upon by Vault to validate Google Compute Engine (GCE) VMs may be manipulated and bypass authentication.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: GCP Auth Method Allows Authentication Bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-16251" }, { "category": "external", "summary": "RHBZ#2167340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167340" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-16251", "url": "https://www.cve.org/CVERecord?id=CVE-2020-16251" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16251", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16251" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2020-17-vault-s-gcp-auth-method-allows-authentication-bypass/18102", "url": "https://discuss.hashicorp.com/t/hcsec-2020-17-vault-s-gcp-auth-method-allows-authentication-bypass/18102" } ], "release_date": "2020-08-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: GCP Auth Method Allows Authentication Bypass" }, { "cve": "CVE-2021-3765", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-09-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126299" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the validator package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "validator: Inefficient Regular Expression Complexity in Validator.js", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3765" }, { "category": "external", "summary": "RHBZ#2126299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3765", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3765" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3765" }, { "category": "external", "summary": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9", "url": "https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9" } ], "release_date": "2021-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "validator: Inefficient Regular Expression Complexity in Validator.js" }, { "cve": "CVE-2021-3807", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2007557" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3807" }, { "category": "external", "summary": "RHBZ#2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" }, { "category": "external", "summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" } ], "release_date": "2021-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes" }, { "cve": "CVE-2021-4235", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156727" } ], "notes": [ { "category": "description", "text": "A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-yaml: Denial of Service in go-yaml", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4235" }, { "category": "external", "summary": "RHBZ#2156727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156727" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4235", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4235" }, { "category": "external", "summary": "https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241", "url": "https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241" }, { "category": "external", "summary": "https://github.com/go-yaml/yaml/pull/375", "url": "https://github.com/go-yaml/yaml/pull/375" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2021-0061", "url": "https://pkg.go.dev/vuln/GO-2021-0061" } ], "release_date": "2022-12-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "go-yaml: Denial of Service in go-yaml" }, { "cve": "CVE-2021-4238", "cwe": { "id": "CWE-331", "name": "Insufficient Entropy" }, "discovery_date": "2022-12-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156729" } ], "notes": [ { "category": "description", "text": "A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4238" }, { "category": "external", "summary": "RHBZ#2156729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156729" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4238", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4238" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4238", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4238" }, { "category": "external", "summary": "https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1", "url": "https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-3839-6r69-m497", "url": "https://github.com/advisories/GHSA-3839-6r69-m497" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2022-0411", "url": "https://pkg.go.dev/vuln/GO-2022-0411" } ], "release_date": "2022-12-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be" }, { "cve": "CVE-2021-43998", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2021-11-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2028193" } ], "notes": [ { "category": "description", "text": "A flaw was found in HashiCorp Vault. In affected versions of HashiCorp Vault and Vault Enterprise, templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: incorrect policy enforcement", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-43998" }, { "category": "external", "summary": "RHBZ#2028193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028193" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43998", "url": "https://www.cve.org/CVERecord?id=CVE-2021-43998" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43998", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43998" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2021-30-vaults-templated-acl-policies-matched-first-created-alias-per-entity-and-auth-backend/32132", "url": "https://discuss.hashicorp.com/t/hcsec-2021-30-vaults-templated-acl-policies-matched-first-created-alias-per-entity-and-auth-backend/32132" } ], "release_date": "2021-11-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: incorrect policy enforcement" }, { "cve": "CVE-2021-44531", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040839" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js where it accepted a certificate\u0027s Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active person-in-the-middle to forge a certificate and impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Improper handling of URI Subject Alternative Names", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44531" }, { "category": "external", "summary": "RHBZ#2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44531", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Improper handling of URI Subject Alternative Names" }, { "cve": "CVE-2021-44532", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040846" } ], "notes": [ { "category": "description", "text": "It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Certificate Verification Bypass via String Injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44532" }, { "category": "external", "summary": "RHBZ#2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44532", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44532" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Certificate Verification Bypass via String Injection" }, { "cve": "CVE-2021-44533", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040856" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Incorrect handling of certificate subject and issuer fields", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally, there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore, the Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44533" }, { "category": "external", "summary": "RHBZ#2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44533", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44533" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Incorrect handling of certificate subject and issuer fields" }, { "acknowledgments": [ { "names": [ "Adam Korczynski" ], "organization": "ADA Logics" }, { "names": [ "OSS-Fuzz" ] } ], "cve": "CVE-2022-2879", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132867" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: archive/tar: unbounded memory consumption when reading headers", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2879" }, { "category": "external", "summary": "RHBZ#2132867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879" }, { "category": "external", "summary": "https://github.com/golang/go/issues/54853", "url": "https://github.com/golang/go/issues/54853" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: archive/tar: unbounded memory consumption when reading headers" }, { "acknowledgments": [ { "names": [ "Daniel Abeles" ], "organization": "Head of Research, Oxeye" }, { "names": [ "Gal Goldstein" ], "organization": "Security Researcher, Oxeye" } ], "cve": "CVE-2022-2880", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132868" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2880" }, { "category": "external", "summary": "RHBZ#2132868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880" }, { "category": "external", "summary": "https://github.com/golang/go/issues/54663", "url": "https://github.com/golang/go/issues/54663" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-21824", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2022-01-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040862" } ], "notes": [ { "category": "description", "text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Prototype pollution via console.table properties", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-21824" }, { "category": "external", "summary": "RHBZ#2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21824", "url": "https://www.cve.org/CVERecord?id=CVE-2022-21824" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs: Prototype pollution via console.table properties" }, { "cve": "CVE-2022-23540", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2023-02-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2169378" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jsonwebtoken library. In affected versions of the jsonwebtoken library, lack of algorithm definition and a falsy secret or key in the jwt.verify() function may lead to signature validation bypass due to defaulting to the none algorithm for signature verification.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23540" }, { "category": "external", "summary": "RHBZ#2169378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169378" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23540", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23540" }, { "category": "external", "summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-qwph-4952-7xr6", "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-qwph-4952-7xr6" } ], "release_date": "2022-12-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass" }, { "cve": "CVE-2022-23541", "cwe": { "id": "CWE-1259", "name": "Improper Restriction of Security Token Assignment" }, "discovery_date": "2023-02-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2169375" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jsonwebtoken library. Affected versions of jsonwebtoken library can be misconfigured so that passing a poorly implemented key retrieval function will result in incorrect verification of tokens. Using a different algorithm and key combination in verification than what was used to sign the tokens, specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to the successful validation of forged tokens.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23541" }, { "category": "external", "summary": "RHBZ#2169375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169375" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23541", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23541" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23541", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23541" }, { "category": "external", "summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5959", "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5959" } ], "release_date": "2022-12-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC" }, { "cve": "CVE-2022-27664", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124669" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: handle server errors after sending GOAWAY", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-27664" }, { "category": "external", "summary": "RHBZ#2124669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664" }, { "category": "external", "summary": "https://go.dev/issue/54658", "url": "https://go.dev/issue/54658" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: handle server errors after sending GOAWAY" }, { "cve": "CVE-2022-30635", "cwe": { "id": "CWE-1325", "name": "Improperly Controlled Sequential Memory Allocation" }, "discovery_date": "2022-07-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2107388" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: encoding/gob: stack exhaustion in Decoder.Decode", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) starting from 4.10 stream is already compiled in the patched version of Go, hence is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-30635" }, { "category": "external", "summary": "RHBZ#2107388", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30635", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635" }, { "category": "external", "summary": "https://go.dev/issue/53615", "url": "https://go.dev/issue/53615" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" } ], "release_date": "2022-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: encoding/gob: stack exhaustion in Decoder.Decode" }, { "cve": "CVE-2022-32189", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-08-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2113814" } ], "notes": [ { "category": "description", "text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw stems from a particular and specific method (GoBDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32189" }, { "category": "external", "summary": "RHBZ#2113814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189" }, { "category": "external", "summary": "https://go.dev/issue/53871", "url": "https://go.dev/issue/53871" }, { "category": "external", "summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU", "url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU" } ], "release_date": "2022-08-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service" }, { "cve": "CVE-2022-32190", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124668" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/url: JoinPath does not strip relative path components in all circumstances", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32190" }, { "category": "external", "summary": "RHBZ#2124668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32190" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190" }, { "category": "external", "summary": "https://go.dev/issue/54385", "url": "https://go.dev/issue/54385" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/url: JoinPath does not strip relative path components in all circumstances" }, { "cve": "CVE-2022-38149", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2022-08-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2119551" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the HashiCorp Consul Template. This issue may reveal the contents of a Vault secret when used with an invalid template.", "title": "Vulnerability description" }, { "category": "summary", "text": "consul: Consul Template May Expose Vault Secrets When Processing Invalid Input", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38149" }, { "category": "external", "summary": "RHBZ#2119551", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119551" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38149", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38149" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215", "url": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215" } ], "release_date": "2022-08-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "consul: Consul Template May Expose Vault Secrets When Processing Invalid Input" }, { "cve": "CVE-2022-38900", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-02-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170644" } ], "notes": [ { "category": "description", "text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "decode-uri-component: improper input validation resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38900" }, { "category": "external", "summary": "RHBZ#2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900" }, { "category": "external", "summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5", "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq", "url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "decode-uri-component: improper input validation resulting in DoS" }, { "cve": "CVE-2022-41316", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135339" } ], "notes": [ { "category": "description", "text": "A flaw was found in HashiCorp Vault and Vault Enterprise. Vault\u2019s TLS certificate auth method did not initially load the optionally-configured CRL issued by the role\u2019s Certificate Authority (CA) into memory on startup, resulting in the revocation list not being checked if the CRL has not yet been retrieved.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: insufficient certificate revocation list checking", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41316" }, { "category": "external", "summary": "RHBZ#2135339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135339" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41316", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41316" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41316", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41316" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483", "url": "https://discuss.hashicorp.com/t/hcsec-2022-24-vaults-tls-cert-auth-method-only-loaded-crl-after-first-request/45483" } ], "release_date": "2022-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: insufficient certificate revocation list checking" }, { "acknowledgments": [ { "names": [ "Adam Korczynski" ], "organization": "ADA Logics" }, { "names": [ "OSS-Fuzz" ] } ], "cve": "CVE-2022-41715", "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132872" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: regexp/syntax: limit memory used by parsing regexps", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41715" }, { "category": "external", "summary": "RHBZ#2132872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715" }, { "category": "external", "summary": "https://github.com/golang/go/issues/55949", "url": "https://github.com/golang/go/issues/55949" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: regexp/syntax: limit memory used by parsing regexps" }, { "cve": "CVE-2022-41717", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-01-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2161274" } ], "notes": [ { "category": "description", "text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests", "title": "Vulnerability summary" }, { "category": "other", "text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41717" }, { "category": "external", "summary": "RHBZ#2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717" }, { "category": "external", "summary": "https://go.dev/cl/455635", "url": "https://go.dev/cl/455635" }, { "category": "external", "summary": "https://go.dev/cl/455717", "url": "https://go.dev/cl/455717" }, { "category": "external", "summary": "https://go.dev/issue/56350", "url": "https://go.dev/issue/56350" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2022-1144", "url": "https://pkg.go.dev/vuln/GO-2022-1144" } ], "release_date": "2022-11-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests" }, { "acknowledgments": [ { "names": [ "Philippe Antoine" ], "organization": "Catena Cyber" } ], "cve": "CVE-2022-41723", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-03-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178358" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding", "title": "Vulnerability summary" }, { "category": "other", "text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41723" }, { "category": "external", "summary": "RHBZ#2178358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", "url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h" }, { "category": "external", "summary": "https://go.dev/cl/468135", "url": "https://go.dev/cl/468135" }, { "category": "external", "summary": "https://go.dev/cl/468295", "url": "https://go.dev/cl/468295" }, { "category": "external", "summary": "https://go.dev/issue/57855", "url": "https://go.dev/issue/57855" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-1571", "url": "https://pkg.go.dev/vuln/GO-2023-1571" }, { "category": "external", "summary": "https://vuln.go.dev/ID/GO-2023-1571.json", "url": "https://vuln.go.dev/ID/GO-2023-1571.json" } ], "release_date": "2023-02-17T14:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding" }, { "cve": "CVE-2022-41724", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-03-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178492" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/tls: large handshake records may cause panics", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41724" }, { "category": "external", "summary": "RHBZ#2178492", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724" }, { "category": "external", "summary": "https://go.dev/cl/468125", "url": "https://go.dev/cl/468125" }, { "category": "external", "summary": "https://go.dev/issue/58001", "url": "https://go.dev/issue/58001" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-1570", "url": "https://pkg.go.dev/vuln/GO-2023-1570" } ], "release_date": "2023-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: crypto/tls: large handshake records may cause panics" }, { "cve": "CVE-2022-41725", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-03-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178488" } ], "notes": [ { "category": "description", "text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41725" }, { "category": "external", "summary": "RHBZ#2178488", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725" }, { "category": "external", "summary": "https://go.dev/cl/468124", "url": "https://go.dev/cl/468124" }, { "category": "external", "summary": "https://go.dev/issue/58006", "url": "https://go.dev/issue/58006" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-1569", "url": "https://pkg.go.dev/vuln/GO-2023-1569" } ], "release_date": "2023-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption" }, { "cve": "CVE-2022-46175", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.", "title": "Vulnerability description" }, { "category": "summary", "text": "json5: Prototype Pollution in JSON5 via Parse Method", "title": "Vulnerability summary" }, { "category": "other", "text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46175" }, { "category": "external", "summary": "RHBZ#2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175" }, { "category": "external", "summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h", "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" } ], "release_date": "2022-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "json5: Prototype Pollution in JSON5 via Parse Method" }, { "cve": "CVE-2023-0620", "cwe": { "id": "CWE-89", "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)" }, "discovery_date": "2023-04-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2184663" } ], "notes": [ { "category": "description", "text": "A flaw was found in HashiCorp Vault and Vault Enterprise, which are vulnerable to SQL injection. This flaw allows a local authenticated attacker to send specially-crafted SQL statements to the Microsoft SQL (MSSQL) Database Storage Backend, which could allow the attacker to view, add, modify, or delete information in the backend database.", "title": "Vulnerability description" }, { "category": "summary", "text": "vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0620" }, { "category": "external", "summary": "RHBZ#2184663", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184663" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0620", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0620" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0620", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0620" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-storage-backend-vulnerable-to-sql-injection-via-configuration-file/52080", "url": "https://discuss.hashicorp.com/t/hcsec-2023-12-vault-s-microsoft-sql-database-storage-backend-vulnerable-to-sql-injection-via-configuration-file/52080" } ], "release_date": "2023-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "vault: Vault\u2019s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File" }, { "cve": "CVE-2023-0665", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2023-03-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2182981" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Hashicorp vault. Vault\u2019s PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata, potentially resulting in a denial of service of the PKI mount. This bug did not affect public or private key material, trust chains, or certificate issuance.", "title": "Vulnerability description" }, { "category": "summary", "text": "hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0665" }, { "category": "external", "summary": "RHBZ#2182981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182981" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0665", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0665" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0665", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0665" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-11-vault-s-pki-issuer-endpoint-did-not-correctly-authorize-access-to-issuer-metadata/52079/1", "url": "https://discuss.hashicorp.com/t/hcsec-2023-11-vault-s-pki-issuer-endpoint-did-not-correctly-authorize-access-to-issuer-metadata/52079/1" } ], "release_date": "2023-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hashicorp/vault: Vault\u2019s PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata" }, { "cve": "CVE-2023-24999", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2023-03-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2177844" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Hashicorp vault. When using the Vault and Vault Enterprise approle auth method, any authenticated user with access to the /auth/approle/role/:role_name/secret-id-accessor/destroy endpoint can destroy the secret ID of another role by providing the secret ID accessor.", "title": "Vulnerability description" }, { "category": "summary", "text": "Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-24999" }, { "category": "external", "summary": "RHBZ#2177844", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177844" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24999" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305", "url": "https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305" } ], "release_date": "2023-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Hashicorp/vault: Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation" }, { "cve": "CVE-2023-25000", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "discovery_date": "2023-03-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2182972" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Hashicorp vault. This flaw allows an attacker with access to and the ability to observe a large number of unseal operations on the host through a side channel to reduce the search space of a brute-force effort to recover the Shamir shares.", "title": "Vulnerability description" }, { "category": "summary", "text": "hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "known_not_affected": [ "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:069d8bdcaa6ddc628f115d6ec3f3e851e06d4274594d9cd3cd567e574ba1baed_amd64", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:3cc3dfbc6d6227a4085ffc5bef9dab0702e7d2096ad782b6b0c9c002f1e60749_s390x", "9Base-RHODF-4.13:odf4/cephcsi-rhel9@sha256:e1af0b5bc33688e5ca9c209658dd44285f4d1707e0c165a7c6a7f4934006f5f9_ppc64le", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:05955b12d9597865f21a2fce097eecaf16218d1b2a3147fbdd0fe0199f792549_arm64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:357598ae9ea1314a29e9321aff303c36002b499e6474e14ae58ed63290a76f55_amd64", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:861762b4a8aa19ed2ece5d1b48a2aea137dbba2b03af40570bdb60ceda426dde_s390x", "9Base-RHODF-4.13:odf4/mcg-cli-rhel9@sha256:945ca7475dff23abc318af69b9513b9412f3b8b3498fbeb8c59c114c5fdeea2c_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:1f4994c5fa092afb665c3b63a8691ba5b15702f83fbd1e4ac70eb1803f6f68f2_ppc64le", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:5d0ab671d71e1d6307836a05e0a9f14bb260277f646dc63252291b12921473c2_s390x", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:862a2ab41511a86c7e7ee1f0538736b78e49035f3e8fb6d8e801608b913c2826_amd64", "9Base-RHODF-4.13:odf4/mcg-core-rhel9@sha256:f37b4f0598d46dd8ca2183ea52d52e96163f71666617a98c671100a705be2cb0_arm64", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:1e1adf4e3f3766f183daf98ff88de7dbb76cd000a81ac2e698ca74e9e0f2c0e6_ppc64le", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:d5bea64dc86eee978b678c6d47d855568b97a18c9c5c3e5998f0ca36f945a296_s390x", "9Base-RHODF-4.13:odf4/mcg-operator-bundle@sha256:ebfd21cd14efd7c95d53c8f3b939e4e8167ae9aed8ad12ce1985a3d09e2a51be_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:5143db374ccea9fe2a7ca95b1bc655c403509faff7e42b8c672767bc2863418e_amd64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:a2e6602ddc468c91df80eeb06e0dff4dc1fa509b4b68de43be466b9bd1a90316_s390x", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e05c0308d1008f447f87bdea4b23ef56e98d27cd6845c261f5d31cb9cdbb46ac_arm64", "9Base-RHODF-4.13:odf4/mcg-rhel9-operator@sha256:e7e47e90eba427843513e2bc868d4ae3f0816db9847ddec4f96a6f41cd0769ab_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:150eea388a6ede971105b485c52ed4cbd4d3f0c8dffa32bf09d08b542e109362_s390x", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:4c595ee2b908460180617dba1057fab5e48d8ddd07d434948ebbd9232bec80de_amd64", "9Base-RHODF-4.13:odf4/ocs-client-operator-bundle@sha256:fdeab34e65c61763315f4a3ce0d8a092c825589f58ea4d9e320a2376955023bf_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:3258ec9716f45b3428352cc3510d6d8b3ca41ed75fd1a81cd61275249d3fef90_s390x", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:9e67b060718c891f53d000f0899006f226d703de63b6feede42ea45df9686b64_amd64", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:d89f084da3f8d145b1e5e9e4d0dc63994c06422b6df92c9efac0e162fd8610b2_ppc64le", "9Base-RHODF-4.13:odf4/ocs-client-rhel9-operator@sha256:e692d480075469adeb6fbec1d08121fadaedcde7950e5a2dfdfb6024e38d8990_arm64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:2d6cdbf994a9bd03e80b8fba39d6d4b033622615c543ff0300ee960508ae07aa_amd64", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:7d1c503d9f48a8efec3f06aa3deb28144a888c88f1bb3beeeb2465ae58b5e394_ppc64le", "9Base-RHODF-4.13:odf4/ocs-metrics-exporter-rhel9@sha256:c5a5c9515f2b2564ecd718886f2e27ec54402d29ea4bf6e1ad33f63eb0bd9d57_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:24bc40a30a9c0731ac718374fdae5b7e1c45f103495294245d704ca0f69f35df_ppc64le", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:9ae5f567047c26d7ebb36c53c304f402b03c276923621e3dd51d35d1b4b0e0d0_s390x", "9Base-RHODF-4.13:odf4/ocs-operator-bundle@sha256:b44f5fbf874ea565d566c7a149e0be4333d07d1c896dba9aa0a308a35e990e41_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:4610b8989b6fae91da065da2a50f661dd044ea22452372c4321f74a935c6de7c_amd64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:64aa10ced42edb3481d94d62261f56fa991220e9eeec7b142fda6b95a5c2d69d_arm64", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:d67c7a2032a92737c0f9ab9ff2f181b3e15d53203bd4cbb6eef9b3d9655631e4_s390x", "9Base-RHODF-4.13:odf4/ocs-rhel9-operator@sha256:ec86e82a9fc412e174561fe9f808b05cee716c7e6498498c3b3d32e48d6f19ed_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:97d94bc216b9265135493a262ffcd39a7c5f9f67cdcac39c0a7c4378ded420b9_amd64", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:b0981a245672d2f918cad4d5e4a43f1fdd403d446e3f890de18b0dc71141dc1c_ppc64le", "9Base-RHODF-4.13:odf4/odf-console-rhel9@sha256:d13cad8671f69122e33afde5e53b0a9e0728fbfac2df3e981b14bc57b990f210_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:23c631bed1bca5a339c63032bf4b02edb27f0f0d15a81de66208dd7328a22f6b_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:531016e1b8d56e49130ef8a9610223142c0410b41c7e099d5fa08289afa99306_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-operator-bundle@sha256:e3265779c83c26832c898c9f64ec1287a8e63a32433a8303b8e3952e008a3ae9_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:328ebea8a0577b3b3f5df2ddfda109134350f700ccde362834ca4aa88614cde8_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:841ce1cde9d230458bd071fa943ebfc3dda29fc0e63ebabd2dad8bdd055acfa0_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:a8f28a0c576d5eabfa1b11cb3ca94cfaca7d295a3f419f3557a0d9cbb6f91135_amd64", "9Base-RHODF-4.13:odf4/odf-csi-addons-rhel9-operator@sha256:fb35cb085e41eabcc8d8a8cb5b9981968361642f1d15a011d537f7422a2c832b_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:10884ba2e3e9b44fa49347567caa01966578ac3ca45d50a37e0650a98aa095e6_s390x", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:16af2c689218d80e450101428796ecbbef331bfbb9153eb328670477284a2684_arm64", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:3785b04c0d5464eb4514bd3b98e59b2b39815a58e0afc2730104e4e69613ad87_ppc64le", "9Base-RHODF-4.13:odf4/odf-csi-addons-sidecar-rhel9@sha256:eada63799fc6cb128d2a05a2324700500e1ea2f0dc573899832782ef568ce2a9_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:1225db4ef5dd45e5886949babd7db2b5679be927e3a5324d1d0737ba7be96aa3_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:4043076d1e3cdb560ef5ad4b4f06a911590105e655c34d083751be9b1f070423_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-console-rhel9@sha256:889eb0d94a9a573e42d04e4edbd97a389d74157c94bee674df17b2184de1fcde_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:33c136b3d0e5ed8d4fb781566c2bac3cdc01c30e0351035bf962f35203af87a2_ppc64le", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:593cf98fc32b66381bd7e324c89b0a21b7ffec63541bb403b900121d712237f9_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-operator-bundle@sha256:caa3e66684c046b1a4ce3fdc1d617b65fcc78a330268069a9cc02e071501c482_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:1635e20f43a11759364b2ab5a52c5cee9cd2bc141888b6857f3e3703b90e8eee_arm64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:811dfbb10cd4012b8765d751d52c44b40469bf4758cd284b8edf6093cb7123a2_amd64", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:a6dbf5d5d116661fd99348452bbb89458a7cf9326ff64aea285dcb4b0a9893cf_s390x", "9Base-RHODF-4.13:odf4/odf-multicluster-rhel9-operator@sha256:f67f2ba7c47e14c493d22a500423c92b0cc01f8d9570aa3f51a0cb1957f836af_ppc64le", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:a42dd93af9e17fe4af792ccc4c92487f33bf38e1642e21f8e86e23fa86e78a68_arm64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:b64b3f6b1e423e2fcc5c9af6434c8bf0c03498070379b948d82eced1d3b94cbf_amd64", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:dd3eddf1183c67b1011f35f15b85fd5998edb1812852a3b51f1c2971d5155870_s390x", "9Base-RHODF-4.13:odf4/odf-must-gather-rhel9@sha256:e657739355245310c8182c682bc003ce0d3d6abac6115c34a9ca7ffaf8983ade_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:11849f9242099ab4a4b16c6160f23a8a460d41146e2a3e850e7299ab3fd13f04_ppc64le", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:31c6af39b67cb39bfe954cee68825094198d12c7f14542ca284ed609c40b32e8_s390x", "9Base-RHODF-4.13:odf4/odf-operator-bundle@sha256:64c9d563c9c5e193325f923844b676faa3bbe5c0657b7dee743e03b29c018cef_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:0b5657e09bc199379108afec4b858f1dc2289e705e2e14d383fc3ddaa307c6bf_amd64", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:b284b72288e596677427b6ac51fb142fe6b84f5c3b6f43d395bc403643c443cf_s390x", "9Base-RHODF-4.13:odf4/odr-cluster-operator-bundle@sha256:fe5ccee2ea5902cef3f8c9a94fb9be9516013cc7376e088710fef4a85310db9f_ppc64le", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:0699f1e80453ed3a9bff43c3e431ddd786dafd2f166b62b94f18dc77f4467b25_amd64", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:3d438d91ac261b77075da23d9d08dd603fdbc99aa2c1d4c50681feea5dcfbbc1_s390x", "9Base-RHODF-4.13:odf4/odr-hub-operator-bundle@sha256:51d49bd086645a17b80c40e800d88b0a818de8f5ddc1814f6dc23102da920eb2_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:3d26a840d8a42838bb8bc3ba51cac65f3a502450644e30e9331ea08d805c1ec1_ppc64le", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:4c5294036e2e5e0afc6a177d5172e85bcb347b0f4a71ce48847834e677047615_amd64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:cc99437c3b06b4bf307f36ebf533bdbd3721c43035044a972d69258b9414555d_arm64", "9Base-RHODF-4.13:odf4/odr-rhel9-operator@sha256:dff514a42676f68e0faef651dd14ca91fd8a21f4911c7525fbfa965b748d6317_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25000" }, { "category": "external", "summary": "RHBZ#2182972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25000", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25000" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25000", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25000" }, { "category": "external", "summary": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078", "url": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078" } ], "release_date": "2023-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-21T15:22:11+00:00", "details": "These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.13/html/4.13_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images that provide numerous bug fixes and enhancements.", "product_ids": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:0564c1165a893f0eea270f636cef8fb9c75704b73bd8ae291a5438122be64484_s390x", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:26663e4d48a70edb4fd100fd86819398ef84da4f9e9da077a4e36deb5c002d9b_amd64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:98ded63b6b4180c52715a6d580afb9b212c4643d53ccc9e00993e2d1bcd41396_arm64", "9Base-RHODF-4.13:odf4/odf-rhel9-operator@sha256:d223f6995bdea0799c8201b658aa81c36ae00188be030012b89d8cda643f4ed8_ppc64le", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:61ec798f3d2bab62b4e56ecba236359e2edd3dd1a7095b839a36530a9b90c98f_s390x", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:9d9289a4b9d4342db67022b0da93249b38f98a499fb6442912528611fde35266_amd64", "9Base-RHODF-4.13:odf4/rook-ceph-rhel9-operator@sha256:c9054d4393cfe4a11e81c5e73f2349c12f315caaabd05a060de0a39effb43bd0_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hashicorp/vault: Cache-Timing Attacks During Seal and Unseal Operations" } ] }
rhsa-2023_0612
Vulnerability from csaf_redhat
Published
2023-02-06 19:42
Modified
2024-11-06 02:23
Summary
Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update
Notes
Topic
An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.21.1), rh-nodejs14-nodejs-nodemon (2.0.20). (BZ#2129806, BZ#2135519, BZ#2135520, BZ#2141022)
Security Fix(es):
* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* minimist: prototype pollution (CVE-2021-44906)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* rh-nodejs14-nodejs: Provide full-i18n subpackage (BZ#2009880)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.21.1), rh-nodejs14-nodejs-nodemon (2.0.20). (BZ#2129806, BZ#2135519, BZ#2135520, BZ#2141022)\n\nSecurity Fix(es):\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* rh-nodejs14-nodejs: Provide full-i18n subpackage (BZ#2009880)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0612", "url": "https://access.redhat.com/errata/RHSA-2023:0612" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2009880", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009880" }, { "category": "external", "summary": "2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2129806", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129806" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0612.json" } ], "title": "Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update", "tracking": { "current_release_date": "2024-11-06T02:23:19+00:00", "generator": { "date": "2024-11-06T02:23:19+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:0612", "initial_release_date": "2023-02-06T19:42:24+00:00", "revision_history": [ { "date": "2023-02-06T19:42:24+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-02-06T19:42:24+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:23:19+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections for RHEL Workstation(v. 7)", "product": { "name": "Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for RHEL(v. 7)", "product": { "name": "Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "product": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.20-2.el7?arch=src" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "product": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "product_id": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.21.1-3.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "product": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.20-2.el7?arch=noarch" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "product": { "name": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "product_id": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-docs@14.21.1-3.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "product_id": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.21.1-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "product_id": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.21.1-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "product_id": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-full-i18n@14.21.1-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "product": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "product_id": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.17-14.21.1.3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.21.1-3.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "product_id": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.21.1-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "product_id": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.21.1-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "product_id": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-full-i18n@14.21.1-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "product": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "product_id": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.17-14.21.1.3.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.21.1-3.el7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.21.1-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.21.1-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-full-i18n@14.21.1-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "product": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "product_id": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.17-14.21.1.3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.21.1-3.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-0235", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2022-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2044591" } ], "notes": [ { "category": "description", "text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", "title": "Vulnerability description" }, { "category": "summary", "text": "node-fetch: exposure of sensitive information to an unauthorized actor", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-0235" }, { "category": "external", "summary": "RHBZ#2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235" }, { "category": "external", "summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", "url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/" } ], "release_date": "2022-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "node-fetch: exposure of sensitive information to an unauthorized actor" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" } ] }
rhsa-2022_8832
Vulnerability from csaf_redhat
Published
2022-12-06 15:35
Modified
2024-11-06 02:05
Summary
Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (18.12.1). (BZ#2142809, BZ#2142830, BZ#2142834, BZ#2142856)
Security Fix(es):
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (18.12.1). (BZ#2142809, BZ#2142830, BZ#2142834, BZ#2142856)\n\nSecurity Fix(es):\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:8832", "url": "https://access.redhat.com/errata/RHSA-2022:8832" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142809" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8832.json" } ], "title": "Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T02:05:06+00:00", "generator": { "date": "2024-11-06T02:05:06+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:8832", "initial_release_date": "2022-12-06T15:35:44+00:00", "revision_history": [ { "date": "2022-12-06T15:35:44+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-12-06T15:35:44+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:05:06+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:18:9010020221118120946:rhel9", "product": { "name": "nodejs:18:9010020221118120946:rhel9", "product_id": "nodejs:18:9010020221118120946:rhel9", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@18:9010020221118120946:rhel9" } } }, { "category": "product_version", "name": "nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "product": { "name": "nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "product_id": "nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "product_id": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "product": { "name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "product_id": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel9.1.0%2B15718%2Be52ec601?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "product": { "name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "product_id": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-4.module%2Bel9.1.0%2B15718%2Be52ec601?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_id": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product": { "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_id": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product": { "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_id": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product": { "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_id": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product": { "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_id": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "product": { "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "product_id": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.18.12.1.1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "product": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "product_id": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "product": { "name": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "product_id": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "product": { "name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "product_id": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel9.1.0%2B15718%2Be52ec601?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_id": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product": { "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_id": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product": { "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_id": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product": { "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_id": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product": { "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_id": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "product": { "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_id": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.18.12.1.1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_id": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product": { "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_id": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product": { "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_id": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product": { "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_id": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product": { "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_id": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "product": { "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "product_id": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.18.12.1.1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_id": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product": { "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_id": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product": { "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_id": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product": { "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_id": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product": { "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_id": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@18.12.1-1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64", "product": { "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64", "product_id": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.18.12.1.1.module%2Bel9.1.0.z%2B17326%2B318294bb?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, "product_reference": "nodejs:18:9010020221118120946:rhel9", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64" }, "product_reference": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le" }, "product_reference": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x" }, "product_reference": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src" }, "product_reference": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64" }, "product_reference": "nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64" }, "product_reference": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le" }, "product_reference": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x" }, "product_reference": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64" }, "product_reference": "nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64" }, "product_reference": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le" }, "product_reference": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x" }, "product_reference": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64" }, "product_reference": "nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64" }, "product_reference": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le" }, "product_reference": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x" }, "product_reference": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64" }, "product_reference": "nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch" }, "product_reference": "nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64" }, "product_reference": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le" }, "product_reference": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x" }, "product_reference": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64" }, "product_reference": "nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch" }, "product_reference": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src" }, "product_reference": "nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch" }, "product_reference": "nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64" }, "product_reference": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le" }, "product_reference": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x" }, "product_reference": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64 as a component of nodejs:18:9010020221118120946:rhel9 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64" }, "product_reference": "npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-06T15:35:44+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8832" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-06T15:35:44+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8832" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debuginfo-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-debugsource-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-devel-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-docs-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-full-i18n-1:18.12.1-1.module+el9.1.0.z+17326+318294bb.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-nodemon-0:2.0.20-1.module+el9.1.0.z+17326+318294bb.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-0:2021.06-4.module+el9.1.0+15718+e52ec601.src", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:nodejs-packaging-bundler-0:2021.06-4.module+el9.1.0+15718+e52ec601.noarch", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.s390x", "AppStream-9.1.0.Z.MAIN:nodejs:18:9010020221118120946:rhel9:npm-1:8.19.2-1.18.12.1.1.module+el9.1.0.z+17326+318294bb.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" } ] }
rhsa-2023_1533
Vulnerability from csaf_redhat
Published
2023-03-30 13:06
Modified
2024-11-06 02:41
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.21.3).
Security Fix(es):
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* minimist: prototype pollution (CVE-2021-44906)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)
* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)
* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.21.3).\n\nSecurity Fix(es):\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1533", "url": "https://access.redhat.com/errata/RHSA-2023:1533" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142823" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "2175828", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175828" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1533.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T02:41:24+00:00", "generator": { "date": "2024-11-06T02:41:24+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:1533", "initial_release_date": "2023-03-30T13:06:07+00:00", "revision_history": [ { "date": "2023-03-30T13:06:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-30T13:06:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:41:24+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8040020230306170312:522a0ee4", "product": { "name": "nodejs:14:8040020230306170312:522a0ee4", "product_id": "nodejs:14:8040020230306170312:522a0ee4", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8040020230306170312:522a0ee4" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "product": { "name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "product_id": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, "product_reference": "nodejs:14:8040020230306170312:522a0ee4", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch" }, "product_reference": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-4904", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2168631" } ], "notes": [ { "category": "description", "text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "c-ares: buffer overflow in config_sortlist() due to missing string length check", "title": "Vulnerability summary" }, { "category": "other", "text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4904" }, { "category": "external", "summary": "RHBZ#2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4904" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904" }, { "category": "external", "summary": "https://github.com/c-ares/c-ares/issues/496", "url": "https://github.com/c-ares/c-ares/issues/496" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "c-ares: buffer overflow in config_sortlist() due to missing string length check" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-25881", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2165824" } ], "notes": [ { "category": "description", "text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25881" }, { "category": "external", "summary": "RHBZ#2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881" } ], "release_date": "2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability" }, { "acknowledgments": [ { "names": [ "VVX7" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-35256", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-09-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2130518" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the HTTP module in Node.js does not correctly handle header fields that are not terminated with CLRF. This issue may result in HTTP Request Smuggling. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-35256" }, { "category": "external", "summary": "RHBZ#2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-35256", "url": "https://www.cve.org/CVERecord?id=CVE-2022-35256" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256", "url": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256" } ], "release_date": "2022-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields" }, { "cve": "CVE-2022-38900", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-02-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170644" } ], "notes": [ { "category": "description", "text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "decode-uri-component: improper input validation resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38900" }, { "category": "external", "summary": "RHBZ#2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900" }, { "category": "external", "summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5", "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq", "url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "decode-uri-component: improper input validation resulting in DoS" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" }, { "cve": "CVE-2023-23918", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2171935" } ], "notes": [ { "category": "description", "text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: Permissions policies can be bypassed via process.mainModule", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23918" }, { "category": "external", "summary": "RHBZ#2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Node.js: Permissions policies can be bypassed via process.mainModule" }, { "cve": "CVE-2023-23920", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2172217" } ], "notes": [ { "category": "description", "text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23920" }, { "category": "external", "summary": "RHBZ#2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23920" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable" } ] }
rhsa-2022_9073
Vulnerability from csaf_redhat
Published
2022-12-15 16:20
Modified
2024-11-06 02:09
Summary
Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages were updated to later upstream versions: nodejs (16.18.1), nodejs-nodemon (2.0.20).
Security Fix(es):
* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)
* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)
* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)
* minimist: prototype pollution (CVE-2021-44906)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* nodejs:16/nodejs: Packaged version of undici does not fit with declared version. [rhel-8] (BZ#2151625)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages were updated to later upstream versions: nodejs (16.18.1), nodejs-nodemon (2.0.20).\n\nSecurity Fix(es):\n\n* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)\n\n* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)\n\n* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\n* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* nodejs:16/nodejs: Packaged version of undici does not fit with declared version. [rhel-8] (BZ#2151625)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:9073", "url": "https://access.redhat.com/errata/RHSA-2022:9073" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142806", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142806" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9073.json" } ], "title": "Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T02:09:52+00:00", "generator": { "date": "2024-11-06T02:09:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:9073", "initial_release_date": "2022-12-15T16:20:58+00:00", "revision_history": [ { "date": "2022-12-15T16:20:58+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-12-15T16:20:58+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:09:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:16:8070020221207164159:bd1311ed", "product": { "name": "nodejs:16:8070020221207164159:bd1311ed", "product_id": "nodejs:16:8070020221207164159:bd1311ed", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@16:8070020221207164159:bd1311ed" } } }, { "category": "product_version", "name": "nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "product": { "name": "nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "product_id": "nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "product_id": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel8.7.0%2B17412%2Bbb0e4a6b?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "product": { "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_id": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_id": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product": { "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_id": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product": { "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_id": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product": { "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_id": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "product": { "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "product_id": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.16.18.1.3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "product": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "product_id": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "product": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "product_id": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel8.7.0%2B17412%2Bbb0e4a6b?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "product": { "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_id": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_id": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product": { "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_id": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product": { "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_id": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product": { "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_id": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "product": { "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_id": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.16.18.1.3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_id": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_id": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product": { "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_id": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product": { "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_id": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product": { "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_id": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "product": { "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "product_id": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.16.18.1.3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_id": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_id": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product": { "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_id": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product": { "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_id": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product": { "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_id": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.18.1-3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64", "product": { "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64", "product_id": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.16.18.1.3.module%2Bel8.7.0%2B17465%2B1a1abd74?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, "product_reference": "nodejs:16:8070020221207164159:bd1311ed", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64" }, "product_reference": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le" }, "product_reference": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x" }, "product_reference": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src" }, "product_reference": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64" }, "product_reference": "nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64" }, "product_reference": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le" }, "product_reference": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x" }, "product_reference": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64" }, "product_reference": "nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch" }, "product_reference": "nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64" }, "product_reference": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le" }, "product_reference": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x" }, "product_reference": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64" }, "product_reference": "nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch" }, "product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src" }, "product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64" }, "product_reference": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le" }, "product_reference": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x" }, "product_reference": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64 as a component of nodejs:16:8070020221207164159:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" }, "product_reference": "npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44531", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040839" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js where it accepted a certificate\u0027s Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active person-in-the-middle to forge a certificate and impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Improper handling of URI Subject Alternative Names", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44531" }, { "category": "external", "summary": "RHBZ#2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44531", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-15T16:20:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9073" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Improper handling of URI Subject Alternative Names" }, { "cve": "CVE-2021-44532", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040846" } ], "notes": [ { "category": "description", "text": "It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Certificate Verification Bypass via String Injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44532" }, { "category": "external", "summary": "RHBZ#2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44532", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44532" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-15T16:20:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9073" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Certificate Verification Bypass via String Injection" }, { "cve": "CVE-2021-44533", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040856" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Incorrect handling of certificate subject and issuer fields", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally, there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore, the Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44533" }, { "category": "external", "summary": "RHBZ#2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44533", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44533" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-15T16:20:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9073" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Incorrect handling of certificate subject and issuer fields" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-15T16:20:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9073" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-15T16:20:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9073" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-21824", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040862" } ], "notes": [ { "category": "description", "text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Prototype pollution via console.table properties", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-21824" }, { "category": "external", "summary": "RHBZ#2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21824", "url": "https://www.cve.org/CVERecord?id=CVE-2022-21824" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-15T16:20:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9073" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs: Prototype pollution via console.table properties" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-15T16:20:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9073" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debuginfo-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-debugsource-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-devel-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-docs-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-full-i18n-1:16.18.1-3.module+el8.7.0+17465+1a1abd74.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17412+bb0e4a6b.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:16:8070020221207164159:bd1311ed:npm-1:8.19.2-1.16.18.1.3.module+el8.7.0+17465+1a1abd74.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" } ] }
rhsa-2022_9040
Vulnerability from csaf_redhat
Published
2022-12-14 22:38
Modified
2024-11-06 02:09
Summary
Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.3 security update
Notes
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General
Availability release images, which provide security updates, fix bugs, and update container images.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
Red Hat Advanced Cluster Management for Kubernetes 2.6.3 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix several bugs. See the following
Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/
Bugs addressed:
* clusters belong to global clusterset is not selected by placement when rescheduling (BZ# 2129679)
* RHACM 2.6.3 images (BZ# 2139085)
Security fixes:
* CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function
Security
* CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General\nAvailability release images, which provide security updates, fix bugs, and update container images.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Advanced Cluster Management for Kubernetes 2.6.3 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/\n\nBugs addressed:\n\n* clusters belong to global clusterset is not selected by placement when rescheduling (BZ# 2129679)\n\n* RHACM 2.6.3 images (BZ# 2139085)\n\nSecurity fixes:\n\n* CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function \n Security\n\n* CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:9040", "url": "https://access.redhat.com/errata/RHSA-2022:9040" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2129679", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129679" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2139085", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139085" }, { "category": "external", "summary": "2149181", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149181" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9040.json" } ], "title": "Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.3 security update", "tracking": { "current_release_date": "2024-11-06T02:09:05+00:00", "generator": { "date": "2024-11-06T02:09:05+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:9040", "initial_release_date": "2022-12-14T22:38:40+00:00", "revision_history": [ { "date": "2022-12-14T22:38:40+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-12-14T22:38:40+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:09:05+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product": { "name": "Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:acm:2.6::el8" } } } ], "category": "product_family", "name": "Red Hat ACM" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "product_id": "rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "product": { "name": "rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "product_id": "rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.6.3-37" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "product": { "name": "rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "product_id": "rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.6.3-12" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "product": { "name": "rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "product_id": "rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "product_id": "rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "product_id": "rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "product": { "name": "rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "product_id": "rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "product_id": "rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.6.3-5" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "product_id": "rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "product": { "name": "rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "product_id": "rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "product": { "name": "rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "product_id": "rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "product_id": "rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "product": { "name": "rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "product_id": "rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "product": { "name": "rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "product_id": "rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "product": { "name": "rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "product_id": "rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "product_id": "rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.6.3-7" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "product": { "name": "rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "product_id": "rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.6.3-3" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "product_id": "rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "product": { "name": "rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "product_id": "rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.6.3-37" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "product": { "name": "rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "product_id": "rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.6.3-12" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "product": { "name": "rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "product_id": "rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "product_id": "rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "product_id": "rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "product": { "name": "rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "product_id": "rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "product_id": "rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.6.3-5" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "product_id": "rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "product": { "name": "rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "product_id": "rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "product": { "name": "rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "product_id": "rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "product_id": "rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "product": { "name": "rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "product_id": "rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "product": { "name": "rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "product_id": "rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "product": { "name": "rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "product_id": "rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "product_id": "rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.6.3-7" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "product": { "name": "rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "product_id": "rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.6.3-3" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "product_id": "rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "product": { "name": "rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "product_id": "rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.6.3-37" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "product": { "name": "rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "product_id": "rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.6.3-12" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "product": { "name": "rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "product_id": "rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "product_id": "rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "product_id": "rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "product": { "name": "rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "product_id": "rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "product_id": "rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.6.3-5" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "product_id": "rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "product": { "name": "rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "product_id": "rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "product": { "name": "rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "product_id": "rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "product_id": "rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "product": { "name": "rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "product_id": "rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "product": { "name": "rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "product_id": "rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "product": { "name": "rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "product_id": "rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "product_id": "rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.6.3-7" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64", "product": { "name": "rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64", "product_id": "rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.6.3-3" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "product_id": "rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "product": { "name": "rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "product_id": "rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.6.3-12" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "product": { "name": "rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "product_id": "rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "product_id": "rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "product_id": "rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "product": { "name": "rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "product_id": "rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "product_id": "rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.6.3-5" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.6.3-4" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "product_id": "rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "product": { "name": "rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "product_id": "rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "product": { "name": "rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "product_id": "rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "product_id": "rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "product": { "name": "rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "product_id": "rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "product": { "name": "rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "product_id": "rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "product": { "name": "rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "product_id": "rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "product_id": "rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.6.3-7" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "product": { "name": "rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "product_id": "rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.6.3-3" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.6.3-3" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le" }, "product_reference": "rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64" }, "product_reference": "rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x" }, "product_reference": "rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64" }, "product_reference": "rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x" }, "product_reference": "rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64" }, "product_reference": "rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le" }, "product_reference": "rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64" }, "product_reference": "rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64" }, "product_reference": "rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x" }, "product_reference": "rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64" }, "product_reference": "rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le" }, "product_reference": "rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64" }, "product_reference": "rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64" }, "product_reference": "rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le" }, "product_reference": "rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x" }, "product_reference": "rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le" }, "product_reference": "rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64" }, "product_reference": "rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x" }, "product_reference": "rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64" }, "product_reference": "rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-14T22:38:40+00:00", "details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for important\ninstructions on installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9040" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-41912", "cwe": { "id": "CWE-165", "name": "Improper Neutralization of Multiple Internal Special Elements" }, "discovery_date": "2022-11-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2149181" } ], "notes": [ { "category": "description", "text": "An authentication bypass flaw was discovered in the crewjam/saml go package. A remote unauthenticated attacker could trigger it by sending a SAML request. This would allow an escalation of privileges and then enable compromising system integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements", "title": "Vulnerability summary" }, { "category": "other", "text": "Whilst the Red Hat Advanced Cluster Management for Kubernetes (RHACM) acm-grafana container include the vulnerable underscore library, the access to it is protected by OpenShift OAuth. Therefore the impact by this flaw is reduced from Critical to Important.\n\nThe OCP grafana-container includes the vulnerable underscore library, the access to it is protected by OpenShift OAuth. Therefore the impact by this flaw is reduced from Critical to Important.\n\nWhile Red Hat Ceph Storage 4\u0027s grafana-container includes the affected code, this is used for logging and limits access to the rest of the Ceph cluster. Thus the impact has been reduced from critical to important. Red Hat Ceph Storage 3 and 4 do not use crewjam/saml in their version of grafana.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41912" }, { "category": "external", "summary": "RHBZ#2149181", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149181" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41912", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41912" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41912", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41912" }, { "category": "external", "summary": "https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g", "url": "https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-14T22:38:40+00:00", "details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for important\ninstructions on installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:9040" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:35fc6c2de10172bfa9ec042d332219ceded91e0ec65c3e65837e37679ef1e891_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:509ed58ef39b05d6a7a5a24804a44c99111a8529e76a41b27e4995c1dd314cbe_arm64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:c1941e25531233a823280f6c564e207c7147104945418bbe4212da5ca609b5fb_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:f0db22323708e3c01a45d2d129ea9f3c677f99dd132c7e2dd941fb52a119c4b2_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:43eefdc422f15d49b0e22fbc2b0cf59430a73c897562f5672ab816de1ef628ca_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:90e5bc363390f6caf6e8979cd4deb6b6a457aae0d3d8962e51fde933e25a7e55_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:99af8ed5f5123f8800465545d96e08b65ec8ad2adb59dfdb03f0a8c0062478b9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f4a12750af0ff96c6d674f3b1b54fc003d430264dfb123f1475ca0f96dd74d35_amd64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:5fc53fbfd6f4db093c4b759572ffe552edfb14a7d90f4a7e7159886a0cf8b934_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:6b5550b372570898f0d5b3dcae9252faf5b96252b6e943abffb8d99e110f4ea6_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:79d17fcb99890489ef19b29aefdf559ce8105f204c2e9d241153368f1b70b7a9_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:a37b17c006729fdfc830302c225a7dbb954730a43dc33d853b2338733b9ff50b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:379b0f178959b082d2b718bc89e8af9491ea75c48f131f6771294c7028c6c480_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:4250f5cde3f6f70c34b7fe503fb4c838682cfb04ab5c9febe9a7455b841422f6_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:958e3848e2e4ef8fab390e4fc15f106616e5b6e1313f8f6d8b347b0b83c80636_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:35bb8ab4899ede811e586e30ba45c7b794b80e76bec005878095ad798358221b_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:d39f60038997f995a159e1f9f7d58838f4bea27feec43061399ac0b49a4283dc_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:da218dc1cc58c7522b230869b09c837f50b91e790afc5e2ebcbc8bf217fcaf7b_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:f9f9884131d2eb8ce10ee141009aa0e90bd9ce5408d05fc448983524f48aa612_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:1410f6af450d9fefbd6f8618981865e8fd4e0d3f1c7fc5ab052b128bb358bdb3_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:917e5e88a3e32a81d4819a019c246c09ebc2ffee6ef0e04e5be50b809dddfb17_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:b36ca60719f6cb6051f0f67ab9064b18ae59cbcebea14663b76b7889c798f14c_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:de87edacf2754ee62bfab323e5729f6a79b8ffcc8b0d89a106653400b5cb22e1_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:2eaefe3d0a04912a54e68fc1c6e7d51d5ef05c93e07da9861cd82f87e6baf22a_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:44fbdb06ae27304f5c2adfc1c4cc1982ba0fb3f91fc41dddd015981312f7f697_amd64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:52dc4e94bf039195a43998446c2424e736f301ca033fc387c4a908851bf3bb52_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:da2b284230284bbbf8d67cd54af44f75b9c56d0de52f85f3b2b31461a2a7933a_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:4d054d8dc6d907fa0b5d02aea550906912bf65bc7c1278aa83d70ad0a1abd9eb_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:52c5ab4725cc1a317981a3d647fd2a39e314bc33942a01b19c650d0e26e0ec00_arm64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:8b5e8a7050ac5a5ea4cd1df3de6e58446b082c94af8f0185f89c27090a2a02b4_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:a3a843254a247d6bf8c12af97c7f9bb7cd41b6aa04d791370af4bc454de0062f_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:486b767a84eabfc0b0cff6c960e0c45cffb964435d87edc594e92b736bc188a7_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:78db56efe92cdbcb02b90a01f5810f340870f8ea65ce13d64968c8f35388dc40_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:a5280612e833e10f950729983478a6252aaa62490091696d913f41225816ff9e_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:c92e05f3c0858aed85e4152f29e6ec964e9f5de60fe828e6776e0b24daabb9f8_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:32a2410084b0e02ace6a50d2f94369b1013f191e996c779067af2dd6d5ef704a_s390x", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:3d6d6e470b58e7653bd9baf271201354ce1cc92d5ffffd45085bb23597c86fbc_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:5701b2728c757feb707eab33cdd06b3709cd0b99a7c1030856c1d86fadb50dd3_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:58327cbc796e527bf108ffa08907a9592860afa2d9761ae6ef6ebfe581fadf4f_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:08873157eef623ceb3482d49e7d13db26954c995afda3ed7c9bb54f327c87558_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:22806dc757bbb6f43c300aabb10fe07ed1067fadbdd67205906784a4f6545e05_amd64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:74718380683dd2ad8bba18ae57e7573a4d9d835a4a48de51fec2d20e78c2f7b1_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:ab839da8f703bce3801f7b7b8360ad32c359af63d798a78001f8b22829b2e8eb_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:09844b79501670871afa69e546a19eebfb318ad218196d99776f5c71828a01b9_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:38faff6ab482a1e40288ffc32084e06a228827aeccd3fcd456321ce3c3220d51_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:6b5cb903d4b108c98672bae1b09d37254cb45ec0140d895aa109f757a74e3900_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8a76f978de734da792cdceb8f84fccec344b191755976050cfb914990a11f474_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:4b98fddbadd599896e3b764b46c8540a4d479508c2bae373acce62a9a3136838_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:7695a160568b7ec52f8325da984abd4e6703289040020c8c63d146833d34109d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b185bd32f1cbeeca19da72b8b60910203963d048f01b3c5333475c539bacab6e_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:e8ba00af597c421fddb15ec1c0bbabc0f4f20d5f5536fcca8741c55d05494f41_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:534bfeddcdb71e091d41fecff793d6a6fce0515e5429845b0e865aa1b5dfdb62_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:66c686412add02b3cf62fbe1dcb7374b1349d82f64e1f3360aa342f464ea2662_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:71853feadcde144e2b483b1643b1234c61adc46b6a0ec87d28c5a3dc9cd17b28_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:e35071bdb532d8d9dbe8b592746d746e67e19dc6c909168f6f7b7faedd4145fe_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:4fbedcad245f1c178f8f561d1362bd99fe0b0df72a4d8133f51fabe83417a023_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:b5e47e37536797e7875c91eccb911a10c0ef31ae161985967a02ce5f907c117d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:de8da7ee86e521d9dd0f5c35c0a7cb519c3a0e8e68ff1102e937a49609c8c342_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:f1d9e1277d505d99cd3bcb3dc67708ed1e40041058dc97c59886363569f92019_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:37aecc338a66d9d2918242f2f9ba24211bb0f4e95e3913458492caca2e5862fd_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:512a9ccdab049b9777745360f882f9a2784622f66c406fe68d7a5f7efb8b6c1d_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:c1860c9dbe1ba622761ab2fd1612053b28ac979724e6f76e7022de99f936602e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:e605a7da078a386a33cdb0873c02a7e81ed7d34d723e3a739f93c693dd56c3a7_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:127dc3f02371ab5275f612a0bf2ecabcd679401ea9e5a2af8619c849d2fc412a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1e31ff088aaae7fcf90251e0c13be9b550d25253dffc190b7c69a5bd916cb0e4_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:2f44dc093a0eb977805cd5c5392fb2b7f8cdc421e240f5d9ab1bcb30a9c4b603_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:bf4643c1013541a05f93cc0ee72c6d2969984d8e540a270b12438fcaad07d674_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:4030115941676ce2b4579eeca2cecefc064cc9b1e37be547040c31c97f8e19a5_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:aa2dcc759acefe7597bc6994e5596fe36951a0829cbc808797b120dea2b5041a_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:bd7e3ead4913728b2add04d2fe0674f8aef38903cb3391c10179a50dd8ed3fd7_arm64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:e948ee3817a6438e113c3aa2cd0143d407f9a6c271d5a65bbee5cd7b36475b5d_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:26572690e8f1e22cd5a05ae603246cfced69d4cb90136acc8ac9069cc51b3bd0_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:2d28a9c2bcf4a880988127333244505a91e7efdfaf06958fec7b8560ac6a964c_s390x", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:aaec109d6c7aedad7befccfae92d3f63f8f06d4536a2cad8690686ce89c26bc6_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:d0a4a3f76ccbe6054bb94a2552232fdd46fca7ae2d45dde52ab90efae88470e8_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:0e561b7cfc68fa380ee5939d1b03566adccd7bc3d11ae39796a7816240a29c42_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:4b903438e95bf786c9121da5381476a9a52e43958a6c3d472fe590e35a7972d6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a23f9b106eb71077ad517a9a2699ff427881c50a27d67d005ba9270180ec3f04_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:c069fcd028b17cfa9ac3ee28648739fb786effe22d54cad579f9476254d410d7_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:01785c91ce63587118e914d6af9f8fb6e2e47a1727ce95191fb7077ffad11699_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:384b8e10a099f9233e210e4e34e1ae900cc9fd7dd7fbdfd5977819266a56554f_arm64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7221c60e55a7911f94a218bce6fb7acda4877e04077ed1b9c51b6c6b2777b4a2_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7b44376ec7e52275050c4d9de1da8116f87c95526fcbeb3cbcd148ddf4b1bf01_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:0a9b1f967ec37ab3dc38e4ed20c717b0c0e70dffa17133651227c7cd0b8f69bf_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:10174a096f4b4c5e7c0a723a1d497fc2a756e3e22415b507e791c81037073946_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:622310ec3df5b379aee757687115d4e7799bfb48e55875fe2c541206886a4bfc_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:e476cd6b1eff4afc3826a2e16ad7dd6f0bff6af911ff4b82723f0841c156cfc2_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:10ee1e8513214127bc1699fd1d537925f80e4932c97df339e02e34348e8ce9f7_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:73044ccae125bd75b599567d0ebf08f133757fcba55c3d033144782a42492118_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:cb1920014ca8188f09fea9006545dbc19a2920672402cae098f163b3299fe49a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ecbc5d6d1814a32c662b6fbfb1c77cac0b8a32de69ce205b41389ee370154e06_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:0dcc4996e914351bda366dd983d487eafa663aca34d1c2b40ba7f77a6a9f36f4_amd64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:51c011ba509cbadc16a96db1e8c3354c2d01e2449773a037824a6c310f46fead_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:597f2508e90795625da2fb1e84421f82998d388a28ae87100bcf46620268fbac_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:7689e721b67e11fe79e1280c8158ccad5b5b0e65dc0b063823b39ee404929d9d_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:290dc7f6a9e14c7e1f43716d06a15b5cf5f202b88606d239bf69cf6baec72161_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:621499f5e4008d5da2f747c71df84fc22c61d384472a175ff4974c607b58bab0_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:866ef7961bdeda5dec501f8dd492e69aad1a3b18cb9c7e37d9379228aa335040_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:aa993ba23cc6f0390bcbfaa46b029dae0da77a3722ddf0a35fd3a2235ae8ce0e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:03c1ed5a3abeb0db4c1ed42e5e1b3fa230421150d010127316b4ec73e00f044b_s390x", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:1f8d388d0c13f3bef77b5e279533fb6065998dd1cd66ad1781781bf88952a3df_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:25b0a82c5cd1eaa022bd551f9528392c91eff31a76993614583994ea1eebf40e_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:e8f25ff1fb58264ea5b64e745b195a3d4f033a9f5cb570b2dc58f7470de0557b_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:4b8124d8d4274ab1500fa638daf8199aeb8e3cbc56b1ac79f826b4a999c1cd3a_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5530070a303d20029eead66535b0a071058ae26cd2ac975a36933ea1e4c9441f_ppc64le", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:5a6483cb82b488f18e0d7756c13bfdb50fa4acf9f4483f636b7412fd0361bf1e_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:e4b4c766030aad5767a67b930a964395339b1e7b4c66b1a2e9a19c11898b602e_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:348e8b1b310718ac9816ab857b7ea7c8f027d61c9ace2b6219e58192411d37b2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:701c7efa2696815961d21469a355c8450f03548a36e72713b34b303aa8892541_arm64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:8a1df5b72b8a54c5db4adb393754a62345c8e7ef2b8daa83043e465d99acf6d2_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:975c0658f16447d7de03e5aa9ded283d52bbe6b94265fa1144b282e09db5759b_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3b40707f382a9664f7a2c8cb75805f98fe596a92765a1dd538b890bfc8a2a332_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:3fc8fb7098d191415b8971e984582cf8056d351d77025d642f7130ee1c1101d3_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:8826ffc8cbe73575575474ab3f5c51a1236ca0562ed402fe6807501851515249_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:f3a6ac6fd1755690595a563766bf4257bf5f61c476e2c7975a10346a2a2fa9cc_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:37c6618c92bfa78cf1b2c1ab8627ffe7acf4e153c9ea5edf9e421561754398bf_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:58de3caca958225eae8b4921bfdb5ea71be9129dda5a276e59ff5e1ad1946c66_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:8d8f269b883f3226a7701840175dac7b869f443cab0e0d67611062c68c5e35a3_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:e50c3b1377578b4a7e2ea75df60a6e61383d68c9881c1b301211baae548d5f2b_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5a269382be7cc13f315ca5f3b3d1f14ee1c7ddce06d00be7844346cc33bda9c5_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:5ec1419cc2667ae09fbd9957b078bb9095464f54eef6c6473162f50b195d1091_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:914e579180c28e319070e8ccfd2d2f465c387e7fb00f9122a48dab8ff464569c_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:fe656727a6a4ddd9c301227e31c4ea5299633554bf3046fbdfccde3ace112d8c_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1b0805e059570d78204cd90362abd5be51bae68ee6d68a16b7253a796e84ab95_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:530c3c831336ffb0489a05e03763f4e31f383aeef8f1a9dbd4c28831e58b44d2_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:7b5d82c9d8494e4f787906fad597ab7a89541d88d306f9f284c62db1b3f7d42f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:bfc4b10237b98c70fd92b65a7e02de75bcb34a26f533108ff167af98f757930f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:227fdaa5391412ef2743fb19e7e7660a7e7f97e644a6e9897eee6412b363055d_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:53bf2997e049408b56a112d4686344abfa3d0440287aeb005f257fea535e9372_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:66e88b74afb4b1d7ee4d83e47cff514234ce36ff61e5a50110963edcadcac52a_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:c2dc27eb7c085d404b4aa5c57ef863f8a26c59752891084675c3c510357a3792_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:2d40857f0ab5b654c9fed86007e943269e691e424bdd34a37a4391e469b85b6f_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:32d499aedd997fd35f6c2de27c6f835322604d7a354b981be381fbf09d3cf047_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8062f267637743e41199ecd33d2c3c2341039ff1ab048d5d4af250c484da44f9_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:8952c04ed09cff20fe17a2e21c36498fa70a600906a36de2da210d13f839b4f4_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:31465d39e7f1687ba4700772bfebc8b75c22cff405a7f2bca79d25f6631c7ef7_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:3f428d7013475ab40bb3fd43b665bad9c68cc87b65056b08ea0eb1db3ce9b5b9_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:888418f0fbe551a235ca2e31472caba76a9a44b7a98f2257b43f236dd08a638c_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:d44b0945138804cb66c77a025634c0602203c0f949c5af8e963fdd6706c6ba2f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:43bbf7abf149072af9b440ba006e20a36e7adcfdd136c75914aacd166d0e7300_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:56c5a37ca143e8f66bb6b4fb44d15192bd9105dd29de3f886d2b0a829031fca8_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:5cbed421779d0dabbbb3d64346e5d0a3a2210822f19fd08963c87c1ea131bc82_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:9e6d72947023881793fb2862c796fcc7bb779b950c1549ffad6ac5d8e857af7d_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:3a2fdbb6fd11298f9c3c839ef986e6d922434a0e06c0ad991453b605f0a98c75_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:40e5c987cdc42805e4ba160761cd56521023cb541701186efeebf83d42fd2e95_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:85e91086e8fd262482177ab8704ea07b879356f8e55f1a204b3300c52f04b953_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a293b2ecc7d1c0941be72b715eca800b5aac0a02b7f6f28731a25153d7445d52_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:4276ed80b39eb7f35426b57e6505457256fd5533bf060f6e8c6562b966474d2f_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:8dde4f312bdfc72eb84bcbf4ccd6f8f7fc3dee8f82b84aac4c661c05d2669546_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b117eb50400df9af256f117f84db65fcebdd24a9e7e8c7065bea6f81a8958777_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:f15ba82a509069bce631869a418e505f5a3ef67f33ae1b02d09d33558ffc2f15_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:619c7f6f37801ab2a3b0a38780c4be8015b98d6409ade233490162ddf27491a4_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7e5f3f691625772d6f3363116a56d88d244f6552c59b6a2aa0d9cbc4a416ac1e_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:b0be4aa03a021f62b8bceb029aa3baef4f86be280c2bcc9255454f40c345a46a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:fef8c54ad6a80b4b983824c47a608a5c862c4d9cbcf419e5810955ff762cdc92_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:553aaf0de45b0fd73522e45e500ff06e383b7851050bf7355856146575f93dcb_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:8afdaa5fe85f2e1b34c5f567e46458a9e80d666034144f32beb0d7dc66fb5ffa_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:c23546c1fbd394f9a736a00ab41404874b5a38fb43f6ae6be666a892163fc95b_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:ee07d3b2bf79e91cae5e430a6fe7d34523218f0d9dc4a913c3457f6cdf4450f9_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:29c4fb7279a7fa5c186459035a6a4dfc58b5fcb5cd0c40cfd889cbb181a3f310_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:af50cae15ba3dd44784d1d6a0b3f5492453f0aaf6ea8a54464c9e3184e266d14_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:c84a948c57f07dbdb9c71184b01c839fcf50f59cae2ac11961746c78fab9812e_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:d19c4ecc6436c20e109ea34e7b4c9d247cfae129111ac2ec458bb8a5598e0465_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:7ac4f7ff93bd61adbb93c550e5f414123db49de12fa10db36c0eccb7934b04bf_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0046873c8908a14953fd5dba03db185cc03203a6f8dfc04a7a89e3175b996d1_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0b22f1a90f86f059ecb5e3f9804e5f4f258860c05c4e5bab529e8335e5fee43_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:e2b942ae1857e40d3dc15162f6f9d4b05dc92a8e75afdcbca525998d4282ef77_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:03babfd516fb03138e7905763019ee7445f0834ee03fa9b36acbe547b88db585_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3f44de1b10f85e2a44359c9e25ae6ce4faf706cd81b70bca95ff4ae3fb9b254c_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:b5e103054a90859a0aadbd5d4c46a7c2133dce45527ccd8d07154fb000bf037c_arm64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:d415463470dec22e2274919cfa6cfd5c8c35cccce6fe7fe7a90a440241ffcb65_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:0b3b741a2d2fd6b7cca299646441fa03a4ca0229b8de03079e12daf57aee6104_s390x", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:459f91281392b438603910cb677a377b2883cd260c2d46ab906d9347a02c9fc1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:bdbda0f7f9806be66b080f531890526d1380b9140bdd542e246805dac310b89d_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:be16218b938e657441a9b780fe92d26767102ee93cafde62b1976b17189d6aac_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:19830c18e9a70beaf9330bc653141d3822c74a5d292f03b9c6058ba4be09652e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:275f8f27ab73f5171a8ea5fffbbcba642bb01ae11d9d149fafa6e1dd4b4c5791_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:6c32554ccf469c233348a45dd488b401ad61d4117cc7e3522e923e0adfda8916_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:ca6764cb3a434226041841770ff985784d45767700d7a1dc572591d7d9d171f2_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:56ef39f2ca620582acb64dd973bcd15711ab02673fc8f507120341a6ac53307b_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:64b4788f45a57c43a12352786c4ac950fb21c6a51b42783317eae87ddf10c39d_ppc64le", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:a851e729650262102533517f91659d24871ee2c0f3c35359bcf5262adc8d6868_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:d609766fe2beae5170015ee27e7c557b811a47e429428d95f506c032be0b1fb6_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:662be434583da6cf319324720d9ac637e8ad63170d47b23a4fe5eb7e8ee2d1b8_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:73ebc2239443c185e46239ebc1100b8c945701b26f8eca31a13b4718c2b2a512_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:877f6c17034ee9b91211e642fe2bf4a60532067a0874e100fa2c317e114da2e2_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:df585f1b565b00bf7d07bc0ac4c31d8b0ce34065e4efe8a3750b6345a35c97fb_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:1cbda1caf9aac22cae15476d2ab6b8f8df4b25fdbaf539df72725351e1504433_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:2ba9a97653636b22fc917df5eb7909daae38c0de2e369df9646e845d6ffccd2f_arm64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:76e0bcee8c17bdafa057def3bf3cdb0086b5c6098fac58b2474d431cf848750f_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:e630b7df73c9b5e73f1406c6de80d951c8562aa6e6763803f0563a86d15616a0_amd64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements" } ] }
rhsa-2023_0471
Vulnerability from csaf_redhat
Published
2023-01-26 12:14
Modified
2024-11-03 22:33
Summary
Red Hat Security Advisory: Migration Toolkit for Runtimes security update
Notes
Topic
An update is now available for Migration Toolkit for Runtimes (v1.0.1).
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Security Fix(es):
* jib-core: RCE via the isDockerInstalled (CVE-2022-25914)
* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* loader-utils: Regular expression denial of service (CVE-2022-37603)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Migration Toolkit for Runtimes (v1.0.1).\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Security Fix(es):\n\n* jib-core: RCE via the isDockerInstalled (CVE-2022-25914)\n* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n* loader-utils: Regular expression denial of service (CVE-2022-37603)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0471", "url": "https://access.redhat.com/errata/RHSA-2023:0471" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=migration.toolkit.runtimes\u0026downloadType=distributions", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=migration.toolkit.runtimes\u0026downloadType=distributions" }, { "category": "external", "summary": "2134344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134344" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "2142707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0471.json" } ], "title": "Red Hat Security Advisory: Migration Toolkit for Runtimes security update", "tracking": { "current_release_date": "2024-11-03T22:33:56+00:00", "generator": { "date": "2024-11-03T22:33:56+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:0471", "initial_release_date": "2023-01-26T12:14:50+00:00", "revision_history": [ { "date": "2023-01-26T12:14:50+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-26T12:14:50+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-03T22:33:56+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Migration Toolkit for Runtimes 1 on RHEL 8", "product": { "name": "Migration Toolkit for Runtimes 1 on RHEL 8", "product_id": "Migration Toolkit for Runtimes 1 on RHEL 8", "product_identification_helper": { "cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8" } } } ], "category": "product_family", "name": "Migration Toolkit for Runtimes" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-26T12:14:50+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0471" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-25914", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2022-10-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134344" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jib-core package. This flaw allows an attacker to execute remote code into its target.", "title": "Vulnerability description" }, { "category": "summary", "text": "jib-core: RCE via the isDockerInstalled", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25914" }, { "category": "external", "summary": "RHBZ#2134344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134344" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25914", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25914" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25914", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25914" } ], "release_date": "2022-09-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-26T12:14:50+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0471" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jib-core: RCE via the isDockerInstalled" }, { "cve": "CVE-2022-37603", "cwe": { "id": "CWE-185", "name": "Incorrect Regular Expression" }, "discovery_date": "2022-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140597" } ], "notes": [ { "category": "description", "text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37603" }, { "category": "external", "summary": "RHBZ#2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603" } ], "release_date": "2022-10-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-26T12:14:50+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0471" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: Regular expression denial of service" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-26T12:14:50+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0471" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-26T12:14:50+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0471" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" }, { "cve": "CVE-2022-42920", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2142707" } ], "notes": [ { "category": "description", "text": "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.", "title": "Vulnerability description" }, { "category": "summary", "text": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing", "title": "Vulnerability summary" }, { "category": "other", "text": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42920" }, { "category": "external", "summary": "RHBZ#2142707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42920", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42920" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920" }, { "category": "external", "summary": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4", "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-26T12:14:50+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0471" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Migration Toolkit for Runtimes 1 on RHEL 8" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing" } ] }
rhsa-2023_1743
Vulnerability from csaf_redhat
Published
2023-04-12 15:03
Modified
2024-11-06 02:45
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.21.3).
Security Fix(es):
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)
* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)
* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)
* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.21.3).\n\nSecurity Fix(es):\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1743", "url": "https://access.redhat.com/errata/RHSA-2023:1743" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "2175826", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175826" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1743.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T02:45:00+00:00", "generator": { "date": "2024-11-06T02:45:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:1743", "initial_release_date": "2023-04-12T15:03:07+00:00", "revision_history": [ { "date": "2023-04-12T15:03:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-04-12T15:03:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:45:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8070020230306170042:bd1311ed", "product": { "name": "nodejs:14:8070020230306170042:bd1311ed", "product_id": "nodejs:14:8070020230306170042:bd1311ed", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8070020230306170042:bd1311ed" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "product": { "name": "nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "product_id": "nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_id": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "product": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "product_id": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_id": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_id": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_id": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.7.0%2B18531%2B81d21ca6?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, "product_reference": "nodejs:14:8070020230306170042:bd1311ed", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch" }, "product_reference": "nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64 as a component of nodejs:14:8070020230306170042:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:03:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1743" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:03:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1743" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-4904", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2168631" } ], "notes": [ { "category": "description", "text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "c-ares: buffer overflow in config_sortlist() due to missing string length check", "title": "Vulnerability summary" }, { "category": "other", "text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4904" }, { "category": "external", "summary": "RHBZ#2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4904" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904" }, { "category": "external", "summary": "https://github.com/c-ares/c-ares/issues/496", "url": "https://github.com/c-ares/c-ares/issues/496" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:03:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1743" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "c-ares: buffer overflow in config_sortlist() due to missing string length check" }, { "cve": "CVE-2022-25881", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2165824" } ], "notes": [ { "category": "description", "text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25881" }, { "category": "external", "summary": "RHBZ#2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881" } ], "release_date": "2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:03:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1743" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability" }, { "cve": "CVE-2022-38900", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-02-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170644" } ], "notes": [ { "category": "description", "text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "decode-uri-component: improper input validation resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38900" }, { "category": "external", "summary": "RHBZ#2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900" }, { "category": "external", "summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5", "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq", "url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:03:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1743" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "decode-uri-component: improper input validation resulting in DoS" }, { "cve": "CVE-2023-23918", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2171935" } ], "notes": [ { "category": "description", "text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: Permissions policies can be bypassed via process.mainModule", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23918" }, { "category": "external", "summary": "RHBZ#2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:03:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1743" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Node.js: Permissions policies can be bypassed via process.mainModule" }, { "cve": "CVE-2023-23920", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2172217" } ], "notes": [ { "category": "description", "text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23920" }, { "category": "external", "summary": "RHBZ#2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23920" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:03:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1743" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debuginfo-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-debugsource-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-devel-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-docs-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-full-i18n-1:14.21.3-1.module+el8.7.0+18531+81d21ca6.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-nodemon-0:2.0.20-3.module+el8.7.0+18531+81d21ca6.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020230306170042:bd1311ed:npm-1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable" } ] }
rhsa-2022_8833
Vulnerability from csaf_redhat
Published
2022-12-06 15:39
Modified
2024-11-06 02:04
Summary
Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (18.12.1), nodejs-nodemon (2.0.20). (BZ#2142818)
Security Fix(es):
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (18.12.1), nodejs-nodemon (2.0.20). (BZ#2142818)\n\nSecurity Fix(es):\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:8833", "url": "https://access.redhat.com/errata/RHSA-2022:8833" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142818" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8833.json" } ], "title": "Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T02:04:57+00:00", "generator": { "date": "2024-11-06T02:04:57+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:8833", "initial_release_date": "2022-12-06T15:39:50+00:00", "revision_history": [ { "date": "2022-12-06T15:39:50+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-12-06T15:39:50+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:04:57+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:18:8070020221118123310:bd1311ed", "product": { "name": "nodejs:18:8070020221118123310:bd1311ed", "product_id": "nodejs:18:8070020221118123310:bd1311ed", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@18:8070020221118123310:bd1311ed" } } }, { "category": "product_version", "name": "nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "product": { "name": "nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "product_id": "nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "product_id": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-1.module%2Bel8.7.0%2B17282%2Bf47dd33b?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "product": { "name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "product_id": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel8.7.0%2B15582%2B19c314fa?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "product": { "name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "product_id": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-4.module%2Bel8.7.0%2B15582%2B19c314fa?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_id": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product": { "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_id": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product": { "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_id": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product": { "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_id": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product": { "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_id": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "product": { "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "product_id": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.18.12.1.2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "product": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "product_id": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "product": { "name": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "product_id": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-1.module%2Bel8.7.0%2B17282%2Bf47dd33b?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "product": { "name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "product_id": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel8.7.0%2B15582%2B19c314fa?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_id": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product": { "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_id": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product": { "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_id": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product": { "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_id": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product": { "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_id": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "product": { "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "product_id": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.18.12.1.2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_id": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product": { "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_id": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product": { "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_id": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product": { "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_id": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product": { "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_id": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "product": { "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "product_id": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.18.12.1.2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_id": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product": { "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_id": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product": { "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_id": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product": { "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_id": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product": { "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_id": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@18.12.1-2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64", "product": { "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64", "product_id": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.18.12.1.2.module%2Bel8.7.0%2B17306%2Bfc023f99?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, "product_reference": "nodejs:18:8070020221118123310:bd1311ed", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64" }, "product_reference": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le" }, "product_reference": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x" }, "product_reference": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src" }, "product_reference": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64" }, "product_reference": "nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64" }, "product_reference": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le" }, "product_reference": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x" }, "product_reference": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64" }, "product_reference": "nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64" }, "product_reference": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le" }, "product_reference": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x" }, "product_reference": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64" }, "product_reference": "nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64" }, "product_reference": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le" }, "product_reference": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x" }, "product_reference": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64" }, "product_reference": "nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch" }, "product_reference": "nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64" }, "product_reference": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le" }, "product_reference": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x" }, "product_reference": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64" }, "product_reference": "nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch" }, "product_reference": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src" }, "product_reference": "nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch" }, "product_reference": "nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64" }, "product_reference": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le" }, "product_reference": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x" }, "product_reference": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64 as a component of nodejs:18:8070020221118123310:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64" }, "product_reference": "npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-06T15:39:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8833" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-12-06T15:39:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:8833" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debuginfo-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-debugsource-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-devel-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-docs-1:18.12.1-2.module+el8.7.0+17306+fc023f99.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-full-i18n-1:18.12.1-2.module+el8.7.0+17306+fc023f99.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-nodemon-0:2.0.20-1.module+el8.7.0+17282+f47dd33b.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-0:2021.06-4.module+el8.7.0+15582+19c314fa.src", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:nodejs-packaging-bundler-0:2021.06-4.module+el8.7.0+15582+19c314fa.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:18:8070020221118123310:bd1311ed:npm-1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" } ] }
rhsa-2023_0630
Vulnerability from csaf_redhat
Published
2023-02-07 18:36
Modified
2024-11-06 02:24
Summary
Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.0 security and bug fix updates
Notes
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.7.0 General
Availability release images, which provide security updates and fix bugs.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
Details
Red Hat Advanced Cluster Management for Kubernetes 2.7.0 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix several bugs. See the following
Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/release_notes/
Security updates:
* CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements
* CVE-2023-22467 luxon: Inefficient regular expression complexity in luxon.js
* CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function
* CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
Bug addressed:
* ACM 2.7 images (BZ# 2116459)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Advanced Cluster Management for Kubernetes 2.7.0 General\nAvailability release images, which provide security updates and fix bugs.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Advanced Cluster Management for Kubernetes 2.7.0 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/release_notes/\n\nSecurity updates:\n\n* CVE-2022-41912 crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements\n* CVE-2023-22467 luxon: Inefficient regular expression complexity in luxon.js\n* CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function\n* CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add\n\nBug addressed:\n\n* ACM 2.7 images (BZ# 2116459)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0630", "url": "https://access.redhat.com/errata/RHSA-2023:0630" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2092793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793" }, { "category": "external", "summary": "2116459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116459" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2149181", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149181" }, { "category": "external", "summary": "2159959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159959" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0630.json" } ], "title": "Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.0 security and bug fix updates", "tracking": { "current_release_date": "2024-11-06T02:24:59+00:00", "generator": { "date": "2024-11-06T02:24:59+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:0630", "initial_release_date": "2023-02-07T18:36:08+00:00", "revision_history": [ { "date": "2023-02-07T18:36:08+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-02-07T18:36:08+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:24:59+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product": { "name": "Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:acm:2.7::el8" } } } ], "category": "product_family", "name": "Red Hat ACM" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.7.0-48" } } }, { "category": "product_version", "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "product": { "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "product_id": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-framework-addon-rhel8\u0026tag=v2.7.0-25" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "product_id": "rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.7.0-19" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.7.0-23" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "product": { "name": "rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "product_id": "rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-indexer-rhel8\u0026tag=v2.7.0-26" } } }, { "category": "product_version", "name": "rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "product": { "name": "rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "product_id": "rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-api-rhel8\u0026tag=v2.7.0-42" } } }, { "category": "product_version", "name": "rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "product": { "name": "rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "product_id": "rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-rhel8\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.7.0-26" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.7.0-23" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.7.0-74" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.7.0-39" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "product": { "name": "rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "product_id": "rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.7.0-125" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.7.0-47" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.7.0-24" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "product": { "name": "rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "product_id": "rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "product_id": "rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "product_id": "rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "product": { "name": "rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "product_id": "rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.7.0-9" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.7.0-16" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "product_id": "rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.7.0-24" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.7.0-63" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.7.0-25" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.7.0-57" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "product_id": "rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "product": { "name": "rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "product_id": "rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.7.0-19" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.7.0-18" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "product": { "name": "rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "product_id": "rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.7.0-18" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "product": { "name": "rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "product_id": "rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.7.0-28" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "product_id": "rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.7.0-52" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "product": { "name": "rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "product_id": "rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.7.0-17" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.7.0-19" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.7.0-48" } } }, { "category": "product_version", "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "product": { "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "product_id": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-framework-addon-rhel8\u0026tag=v2.7.0-25" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "product_id": "rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.7.0-19" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.7.0-23" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "product": { "name": "rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "product_id": "rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.7.0-267" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "product": { "name": "rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "product_id": "rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-indexer-rhel8\u0026tag=v2.7.0-26" } } }, { "category": "product_version", "name": "rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "product": { "name": "rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "product_id": "rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-api-rhel8\u0026tag=v2.7.0-42" } } }, { "category": "product_version", "name": "rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "product": { "name": "rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "product_id": "rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-rhel8\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.7.0-26" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.7.0-23" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.7.0-74" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.7.0-39" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64", "product": { "name": "rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64", "product_id": "rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.7.0-125" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.7.0-47" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.7.0-24" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "product": { "name": "rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "product_id": "rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "product_id": "rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "product_id": "rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "product": { "name": "rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "product_id": "rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.7.0-9" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.7.0-16" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "product_id": "rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.7.0-24" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.7.0-63" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.7.0-25" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.7.0-57" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "product_id": "rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "product": { "name": "rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "product_id": "rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.7.0-19" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.7.0-18" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "product": { "name": "rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "product_id": "rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.7.0-18" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "product": { "name": "rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "product_id": "rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.7.0-28" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "product_id": "rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.7.0-52" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "product": { "name": "rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "product_id": "rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.7.0-17" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.7.0-19" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.7.0-48" } } }, { "category": "product_version", "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "product": { "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "product_id": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-framework-addon-rhel8\u0026tag=v2.7.0-25" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "product_id": "rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.7.0-19" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.7.0-23" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "product": { "name": "rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "product_id": "rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.7.0-267" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "product": { "name": "rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "product_id": "rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-search-indexer-rhel8\u0026tag=v2.7.0-26" } } }, { "category": "product_version", "name": "rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "product": { "name": "rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "product_id": "rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-api-rhel8\u0026tag=v2.7.0-42" } } }, { "category": "product_version", "name": "rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "product": { "name": "rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "product_id": "rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-rhel8\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.7.0-26" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.7.0-23" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.7.0-74" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.7.0-39" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "product": { "name": "rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "product_id": "rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.7.0-125" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.7.0-47" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.7.0-24" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "product": { "name": "rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "product_id": "rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "product_id": "rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "product_id": "rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "product": { "name": "rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "product_id": "rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.7.0-9" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.7.0-16" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "product_id": "rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.7.0-24" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.7.0-63" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.7.0-25" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.7.0-57" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "product_id": "rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "product": { "name": "rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "product_id": "rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.7.0-19" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.7.0-18" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "product": { "name": "rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "product_id": "rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.7.0-18" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "product": { "name": "rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "product_id": "rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.7.0-28" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "product_id": "rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.7.0-52" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "product": { "name": "rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "product_id": "rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.7.0-17" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.7.0-19" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.7.0-48" } } }, { "category": "product_version", "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "product": { "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "product_id": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-framework-addon-rhel8\u0026tag=v2.7.0-25" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "product_id": "rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.7.0-19" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.7.0-23" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "product": { "name": "rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "product_id": "rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.7.0-267" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "product": { "name": "rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "product_id": "rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-search-indexer-rhel8\u0026tag=v2.7.0-26" } } }, { "category": "product_version", "name": "rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "product": { "name": "rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "product_id": "rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-api-rhel8\u0026tag=v2.7.0-42" } } }, { "category": "product_version", "name": "rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "product": { "name": "rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "product_id": "rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-rhel8\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.7.0-26" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.7.0-23" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.7.0-74" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.7.0-39" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "product": { "name": "rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "product_id": "rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.7.0-125" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.7.0-47" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.7.0-24" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "product": { "name": "rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "product_id": "rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "product_id": "rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.7.0-20" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "product_id": "rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "product": { "name": "rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "product_id": "rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.7.0-9" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.7.0-16" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "product_id": "rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.7.0-33" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.7.0-24" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.7.0-63" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.7.0-22" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.7.0-25" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.7.0-57" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "product_id": "rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "product": { "name": "rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "product_id": "rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.7.0-21" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.7.0-19" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.7.0-18" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "product": { "name": "rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "product_id": "rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.7.0-18" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.7.0-34" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "product": { "name": "rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "product_id": "rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.7.0-28" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "product_id": "rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.7.0-52" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le", "product": { "name": "rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le", "product_id": "rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.7.0-17" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.7.0-19" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x" }, "product_reference": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64" }, "product_reference": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le" }, "product_reference": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64" }, "product_reference": "rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64" }, "product_reference": "rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x" }, "product_reference": "rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le" }, "product_reference": "rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64" }, "product_reference": "rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64" }, "product_reference": "rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le" }, "product_reference": "rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x" }, "product_reference": "rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64" }, "product_reference": "rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64" }, "product_reference": "rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x" }, "product_reference": "rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le" }, "product_reference": "rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64" }, "product_reference": "rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x" }, "product_reference": "rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64" }, "product_reference": "rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le" }, "product_reference": "rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64" }, "product_reference": "rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64" }, "product_reference": "rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le" }, "product_reference": "rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x" }, "product_reference": "rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64" }, "product_reference": "rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64" }, "product_reference": "rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64" }, "product_reference": "rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x" }, "product_reference": "rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "relates_to_product_reference": "8Base-RHACM-2.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8", "product_id": "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" }, "product_reference": "rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.7" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64" ], "known_not_affected": [ "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-07T18:36:08+00:00", "details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for important\ninstructions on installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0630" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-30629", "cwe": { "id": "CWE-331", "name": "Insufficient Entropy" }, "discovery_date": "2022-06-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2092793" } ], "notes": [ { "category": "description", "text": "A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/tls: session tickets lack random ticket_age_add", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64" ], "known_not_affected": [ "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-30629" }, { "category": "external", "summary": "RHBZ#2092793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30629", "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg", "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg" } ], "release_date": "2022-06-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-07T18:36:08+00:00", "details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for important\ninstructions on installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0630" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "golang: crypto/tls: session tickets lack random ticket_age_add" }, { "cve": "CVE-2022-41912", "cwe": { "id": "CWE-165", "name": "Improper Neutralization of Multiple Internal Special Elements" }, "discovery_date": "2022-11-29T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2149181" } ], "notes": [ { "category": "description", "text": "An authentication bypass flaw was discovered in the crewjam/saml go package. A remote unauthenticated attacker could trigger it by sending a SAML request. This would allow an escalation of privileges and then enable compromising system integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements", "title": "Vulnerability summary" }, { "category": "other", "text": "Whilst the Red Hat Advanced Cluster Management for Kubernetes (RHACM) acm-grafana container include the vulnerable underscore library, the access to it is protected by OpenShift OAuth. Therefore the impact by this flaw is reduced from Critical to Important.\n\nThe OCP grafana-container includes the vulnerable underscore library, the access to it is protected by OpenShift OAuth. Therefore the impact by this flaw is reduced from Critical to Important.\n\nWhile Red Hat Ceph Storage 4\u0027s grafana-container includes the affected code, this is used for logging and limits access to the rest of the Ceph cluster. Thus the impact has been reduced from critical to important. Red Hat Ceph Storage 3 and 4 do not use crewjam/saml in their version of grafana.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x" ], "known_not_affected": [ "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41912" }, { "category": "external", "summary": "RHBZ#2149181", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149181" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41912", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41912" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41912", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41912" }, { "category": "external", "summary": "https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g", "url": "https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-07T18:36:08+00:00", "details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for important\ninstructions on installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0630" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements" }, { "cve": "CVE-2023-22467", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-01-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2159959" } ], "notes": [ { "category": "description", "text": "A flaw was found in the luxon package, resulting in a regular expression denial of service. This issue could allow an attacker to craft and supply inputs above 10k characters, causing a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "luxon: Inefficient regular expression complexity in luxon.js", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64" ], "known_not_affected": [ "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:1aae106ecbdeadb77b0fd95133827e7fad4f5fcb9916e56ca0dfccab8bd34bed_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:2c7f0617df666e8cbcd622dee073a35843db4a81caa19b7db3b9fb9264cdf7fc_amd64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:7f6671f84fcbe569fceece415dd7beeb8bb7f86c3031bdfb3ac0d0e777051b2f_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:b30028955a86b6ecdb8c6865328976d74e98f56d6e21277a9f5a812f896b6303_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:25271964483024b3235dd61f7e7bb9dd5e9dfa75f76e6ded5c92580d440ca48b_s390x", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:7dcde13540cc938374463521f91091a7bbf0a037cabfc5e4b55c89497e0ba6bf_arm64", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:b7b778111722c0da14ae74580be1813f6ecedf97fcd88de46fd15cc3ace2cb61_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:ec5fc63b94bc9c070f14fd76d4ae26b90e3f29d3694887380a5f8f8ea5a04bc0_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:0c427fa58c97b71eb784e4a590c208b0284cf656f66a268ea4803804ce3ce28a_arm64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:2e3505803004ca421087171bfe9097f6f106c812f840e8b83d1215150b4137c4_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:49746c3a6e7033b1bac90d3515e0f5ab44aaf9c45cce414308da72bb960287b1_amd64", "8Base-RHACM-2.7:rhacm2/acm-grafana-rhel8@sha256:c8f1a9d09131727033e6e60984c5baa3271adc6a23854b9aabe70f36952d35d6_s390x", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:0be17e173b962f1a87e833096f208c9030fce1128b2b8c86842a0a40f7d6cf02_arm64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:5c79bf93599b792c20c76d9a0a35532ad79a45f3765dccfbafab9a273e338e52_amd64", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:a05c071011c96e4db1e4a469883103f4118a304d3e03338083d2a103c0e7c208_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-must-gather-rhel8@sha256:ad85c5d648363cdb36790b49311f4e07a8584b9e6065cde9d41274a1bd716f0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:90320bd14c632ace987ca1eac05a78068123ef1fc97c401951d073a3f0fd8e66_s390x", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:e45be680b6140f58ff1840649b29aebebad4c5950d9571ca39dfea1dffd669b0_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-operator-bundle@sha256:f63d0a9a0e3dc9d86e84279c50e9c613d8430e71a3821d418e168250ca3b747c_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0fd63f75b7638fadc78f92a62d6e9731e42c05069f3e93ab0ffd4b004de78100_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:2839bcce06fd5a02f6cc8fce8668fb806ae8f2e0e7174e5c66376792c2d1fd92_s390x", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:7fcb79c1707b3c8b767d8c174e5b64516f200c0bfa255c1f40557446b37debae_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:a4e43fc7608837da6a66cb2c5bda4b78b520c3075c0f1f66bb824fa44e2d35fd_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:4283fa3b6ee93404d4fe7b551b52dbd7a4bbd8be0a57cf9b603a68736feefaea_amd64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:7e98ef30dca1071d5abff1be2a3a296cc9a4663162a3828b697637195d314e77_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:b3ee1cad060e7f72414df1ae6c0e27ddf6f6fa7a8e45627ebeb912b8a9ca3b74_arm64", "8Base-RHACM-2.7:rhacm2/acm-prometheus-rhel8@sha256:c6d947e30ec1aa348d573ee93c669f71b38ea93801e71636f5f9ab4609f681b4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:436307eef035e0e9be448eb6c4f6a690a7d357ed06d661642b082e0d3219864c_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:53ceb20280569eaf0129686d49d462a3c1d3eaf2829b6eb920e9359be718e2c4_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aa89295f36c99d70e63b07e9fe2c8db348df38b3308870f543efb4be24beca6c_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-indexer-rhel8@sha256:aed3972894519bc832bd9a340316a752ebb8edbc393051904c399eef7e423dd4_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1808d69232a47c3590a41c1e97126dd06c2727be972b11170b115f2e5d9fec38_amd64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:1d5153067a1cb127f74d2bc983d16db8f39313a378f14d13f7e39da28f2251ae_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:5be1e54791e8024f0e1342eba7d4441e0606f9a26be8f52aff51c8665baa41cc_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-api-rhel8@sha256:f2924c460e8d7e12da359f365f9ec3b13c2d175dd6c11533b12113741eea7292_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:8a28d0fad728823ae5a07a259a0866bc507ae9b0f90eb1b4c63567aaf13c377c_arm64", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f5b656141ad16ac873d1b886abc3b956380268b6c0dddb8ceac3e79b65edae0a_s390x", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:f708326772c9ed846e11b053efda56c106d5a72a13482d2a8ecc179cfb957bc9_ppc64le", "8Base-RHACM-2.7:rhacm2/acm-search-v2-rhel8@sha256:fb98ce01f36b3780192e99b96c688387b5d76892f409b831d6f134ec65d02d4a_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:56067372156bb6d00103eecc4b5c80478980036b8143a2e2a73f8a685d0d78ee_amd64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:98724153fa7763d22bcf11c3a5faa6eee0f6c40c4f4f647487e106d2ef427218_s390x", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:a7f8ce55764d4e303d54aaf064d56ee192620d29b361fabcda2a26f364221dc9_arm64", "8Base-RHACM-2.7:rhacm2/acm-volsync-addon-controller-rhel8@sha256:e3e10a30c35a9cbd5f81d107e9ce86b2410bd10171673521eab1491ebdee2314_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:1de63e2d307841c7707f4d0c09cd1d9cd673bbd7736c5f6c533986a9de0d1118_s390x", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:488e74aed7f420f6112ef1f7b3b5cc812358574ec149ecca1147ff2f9d6d7835_arm64", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:5be8ca7ec79077906c23b52cdaa731866774a2e413babd395d3f24d892bed37a_ppc64le", "8Base-RHACM-2.7:rhacm2/cert-policy-controller-rhel8@sha256:c78e2547f3cff318747e354f09e5954c71fde8840ab8db818050dc9531205e6c_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:09f23f185abfbec175fbea2cc1fba624308c2777b5c8133d9e98daeb4bcfa009_s390x", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3af39faf1795e87018795c35b2ec5074bfcd1bf76b84326446cfb1570bc0d5e0_arm64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:3c969356ace5c3bc0fa5d6d8e25a838262b0f6152533f4361034a742eb29ae24_amd64", "8Base-RHACM-2.7:rhacm2/cluster-backup-rhel8-operator@sha256:f02c115867036c64cdf8669fe7690b94d23b19ad7b969938f7c4cbb00111d403_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:1339f82b15ebe01ba411e70252eb5964a5d622bd28a7fa494786ae6317d3060c_amd64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:328c0d0e4d06573f2f26bbec39f1a570eb6ddbc26a5c0fa380fec7f840f6475e_arm64", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:e5480dd0b573d0fd949fa2cf22d77ebb5a32765fb95bed18a02fa3155f690f5b_ppc64le", "8Base-RHACM-2.7:rhacm2/config-policy-controller-rhel8@sha256:fab9c37776dabaa9c510bf243f23407715a1e3bd1c0a0280dc22191c6349a1c0_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:4f5241425e26875244fab0ec9e96707790ef86edca5265ac01de1ccfc86294c0_amd64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:64c9e84fb923d107d0d4d3f9026510de03f73773cc8348f0025721d26033215c_arm64", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:8913009902c71afe34f3a98ed720997e72f764cb7e251a08a2698f2d8ce64e24_s390x", "8Base-RHACM-2.7:rhacm2/endpoint-monitoring-rhel8-operator@sha256:c5bcc8c4e5d2a4b7270b04dc1b8e8fa399a0f0bfff1d1cc3e7ec0b7b7b6e0f3f_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:002229b229bf9a13e54dc16e1edacc0cf8c75d6f46948868a045d79dfd38033c_amd64", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:53a9030933e0b2f752461e5337590ad16e891a8fdda897d8a0cb8e135363f0d0_ppc64le", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:d4296089159e15bf3e11f5695a34d10b83875a346545f1d09824b4fe47295cf8_s390x", "8Base-RHACM-2.7:rhacm2/governance-policy-propagator-rhel8@sha256:e05489056e65dba4eb291b050c8072608a5efc2ce971b34a903c8c7ca07e0927_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:0d64615d4c3a6fc8e0fc5eb595d8f846f17f7462aaf66b40aa54436fe2b4bd2b_amd64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:c182f0b51bfd9b29ea7363f74522a49b6601418f5db76843231167ef1176f709_s390x", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:d41f6fabaec525dfaac736806b93102479260309f482e155af2b03dc3c9a0c61_arm64", "8Base-RHACM-2.7:rhacm2/grafana-dashboard-loader-rhel8@sha256:f35f6472c8138046e2f9017659dfb5a703cd895032a21d6d95c1075173005f7c_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:83354271af399291790b9c3e2e98ba1db7fac99b48a385d50e7318b357f882ca_ppc64le", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:cc5f8499009dc316d936c3a57f9a9457d5f2bbc8568e2b484a7c8b1cc676da7c_arm64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:e79bba365fb1a5edb7cc53d07cebdbb56e861948dedd61e9697f14a8defc300b_amd64", "8Base-RHACM-2.7:rhacm2/iam-policy-controller-rhel8@sha256:f7a86d6209a19498e56da1f39533a1198af35c2a9e3c824cea252eb34d737219_s390x", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:41d64847ac789df45b51aeca8debfa2a5ac7ff15ad880ba7213ce8afbe4aff2e_amd64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:5a32ad8c8e7792f9679a604f073bce047c4f8fdd713a655ae83314e27366c5af_arm64", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:7040938ffaa1682dfefe95a614335b9d4f59aac472e47937f1d19f8325d985e6_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-client-rhel8@sha256:9d25ef8c29b2dac4660e18c17d0286fa2ff0f6f6383b6bf795f7e5e6f70b950e_s390x", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:4bf538ff68126949da79f7b1ab97a44a64529e240cd3f84360a88bb6a9a08e4d_ppc64le", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:57bf2eca5df0be601d7dd59357e95d078bf69d26c1b26cdd56d0d311df123d5a_arm64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:65f96884ed34103842217b26597ec413197db699aeb004daeca08f1d08014f46_amd64", "8Base-RHACM-2.7:rhacm2/insights-metrics-rhel8@sha256:ed01454411cbdfb20661aecc76e00767b5ec122e27a379159476eabba741b94e_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:523776c04653aac8c750ff48156fd7a5b0efd9ad35c40cbacdbe0ca6dda48217_amd64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:7cea9ce9aeb26df137590353de05b8a88ee55faa43cecde68e40fb875f9844cd_arm64", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:866125412b6812710734b9e72d09581be40879bb57236e37660e2d29210a37ad_s390x", "8Base-RHACM-2.7:rhacm2/klusterlet-addon-controller-rhel8@sha256:c89f9fed1ce56a6baf10808454b01d4df88571db744feb2bfae8b5707d82013f_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:407178ad223483b92a382e0fb916de9f42f1a0db9aaacb66710a7a743f1c3dce_arm64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:455dde7a89b1505c93651022451b83e1e8f86186b98f660e3c6ad998a97d48f3_ppc64le", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:95de0275698ef704379246e088763c3827171487049b9cfb857712ddbdef46e9_amd64", "8Base-RHACM-2.7:rhacm2/kube-rbac-proxy-rhel8@sha256:f0397b30dc7b824b0e37a256c5a067585885c80db1033b44a13fe56446cd80a9_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:1f27bc62a66413a31d2d680ecd2a8ed9c9d378341da56b788cd86c98151a1fd4_s390x", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:534420075e829b5881f6cd3f32d4aa90ea3075de869b84f689c9606d4f03521a_arm64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:8cc675a0cf4ff24b28c0b75a54fc4f3328c6a9f041f21d1814d210b7704f6970_amd64", "8Base-RHACM-2.7:rhacm2/kube-state-metrics-rhel8@sha256:c56179f297ebab2ef9851417ec42ac6c16b6f8cb3627c243ff6984d2dd6ac76d_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:3b94abf5182934113b1cf9b8688a2da977d5fec3110f2d79b81b2ec46ffeada3_ppc64le", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:70aa7c3711b4085caa9ba50295dfedf9b2cd3a1b37e815e4a7245c1aef0cfe22_s390x", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:bea2ee18f401ec1b4c4b87f40f6f79a4418d6aafad5e2b50099f7541b6699de7_arm64", "8Base-RHACM-2.7:rhacm2/management-ingress-rhel8@sha256:f45de50d8d7b6a285317a3bc1c413427841c8d6fab742f6de0a61bad9722b61e_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:094b84362782a88d8b0c7a75a23dd5ae3ff846913f0a49e732d53cc0efdf6a61_arm64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:708e8f9531f5cc33a2543956eb0c940e5ad36d2ac196903a0beaa42944cb543f_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:baa029b8feb59ec4d626f021ebf777cc991c1a24c29c321c40513b91641f4bbc_amd64", "8Base-RHACM-2.7:rhacm2/memcached-exporter-rhel8@sha256:c7937a592a255199c316e30c499d0c150cc95c3f208e46d8a936a5bc03a1fed6_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:21d28e1c3d1c7e8803261867c20a29df444676780ed9d4cc9f1dd1c8dbd68688_amd64", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6bac06a2e1e181fe4920a33df5ce433635871a42ba30fbbe0adff1c505fbab4b_ppc64le", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:6c7cb2786f6863e7d1c8554f159c68123921d22bbd7bec5fc3532cad991937b4_s390x", "8Base-RHACM-2.7:rhacm2/memcached-rhel8@sha256:e044af5fee732dd9923759b312c3b72dd4b6ab1780456973f35677d72586913e_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:21644ef77ec046c79fb64f612245ac5d59c0aa569c548b48062da8896d159696_s390x", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:2358249e2cf40d054cca5711f39091e2f0cbd44e61a24d3c1dd1a9e79cc440b1_arm64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:9638fab8d1439730395607cc99bcda33eae5e813778398888124e8ae319cb80e_amd64", "8Base-RHACM-2.7:rhacm2/metrics-collector-rhel8@sha256:e06aed89ad0c48bef78e45512d22c3373f62c63d335d953ba064b160a68fcad2_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:1063ef655f5dd15b0b914572ba672892eb53b441ae151d14cffca9d320860f2d_ppc64le", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:3f0ab9161698eb9e3342c3b3fc70d5ca9c420cdcc5a5ccebc8cc993dfefb9dc3_amd64", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:651c4ac3da42bc2acfe9bff35e397ccf5e88abb6303622f3244d6ccb9b8f9e0d_s390x", "8Base-RHACM-2.7:rhacm2/multicloud-integrations-rhel8@sha256:f02a569222e13356f5fbdef5b7d2da943e6f6071fd88ba75a2565b3d340b6c3a_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:49083d7039af6df4bd639dd998162c96dc586da4d828ffbe9c880a8a8d6d13d6_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:68228ba1ef7bf5631f0cab91cb4e9f86c3d24c1ad587332d42c4f85e1a3608d7_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:93da29b41da3c87d4bffaf42369b50217f5d8f81d0a82c4108c27a3c40f544d8_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-observability-rhel8-operator@sha256:f212909bc9ed5be6da68a3b6a4866fdc17ecc3514b075977a8679998d6742cbe_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:299f0753c65ab4e609418fd5515bdcb041bee357f4db192ae32a24ad0c4d7853_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:62520c406cdbd823e99e8ee9ff9119b61cb6880fcb1335211b6520bedec564f2_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:9c58c89cb0173394684d7d23178ad32eb2d571444cb306ea599565eaac92ea4f_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-application-rhel8@sha256:b385c92b069a8dae72e57b69d24e1fff59ad46781579882a1edfa4839fd8bbba_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:044723d62439a8364772ab27be2c04dbd2c0421dbeb0a7b94f70e99e646b4c80_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:d8fe5baa4aefbcf41861743a3cf6c94f8a2a63526e96e5d263a40a8cb8a5ad4e_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:da65bc93513dfb37a4828eaf5e1d4c08265ffdba05028fed95a564341d226771_amd64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-channel-rhel8@sha256:ddb1016901287c80ef1972f25db37b1182e854115671961efb3fc0048cd95800_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:548d610f996e73b67eb21d2993b5ac3d0da02997a48b9c1226072d6d95ae4c3b_arm64", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:6307eb5e9195415477b18d701310e8813772b7120d0fc4ac83846e54b46b4745_s390x", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:a69777a61feaf373c162a82ffb6f6996df6231c23cb2f1923bdd77c311d7d739_ppc64le", "8Base-RHACM-2.7:rhacm2/multicluster-operators-subscription-rhel8@sha256:e53b330ed0c4ed0803a93b18a6ce290814dcd16dce6eb980809b5b8c6c09deb4_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:405fa2e3363a3c124a5764d6153b7bcba3d43a3026813085e44c9246d51ca60a_amd64", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:b82d4ecef59b69623ec4d0a9b5537fa52e007336727c92345cd829d80961f14a_s390x", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:e96ea7f3533e7d0836512cbc2b027b60c400aa16c8e4691117608ab4736a059b_ppc64le", "8Base-RHACM-2.7:rhacm2/multiclusterhub-rhel8@sha256:fdf9ae4924a587c945a85b2319b0471a5688368df572f2de852c51da8bc74dcb_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:1af36144b83dc16cd1958d0414be55eaa2aae95894b6eefd2233308ace81df02_ppc64le", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:2aeec43f11c6572abb7d4468560dc1561a023d9692058a4ac2b13a0cedb44dde_amd64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:8b359fcf74d236fc488ef4553dbaf9dbec549e331f2b103b40139aa2eb1345e4_arm64", "8Base-RHACM-2.7:rhacm2/node-exporter-rhel8@sha256:97291260ff17e7e1b1f490a68041613ca5f7c192d848f928eca9b867de47bc4e_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:16eeedaa25dd61c03514479044fde9851c5b4224b718a496e33d43a06f57d5b5_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:928c114e3aca978626ad91889aaed0cc20ca0d641ad946c9a1b1f2424245c795_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c4e260eabb09bacc1aa332ea2001333c671e0fc65a3ef4d04e02b5473b45642d_ppc64le", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8-operator@sha256:c870e034b29dfa320cb6a6bf60021033b622b76a0c4aaaf2a768326ea046b459_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:1e46b8610e037752ecfb30aaac5c7459a81aa119bf0c2b2ffb0dc90cd5701af0_arm64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:51374017a10289e0402363ae2839d110f500be44dc44834dbd8dd66ba0e6f5e9_s390x", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:836c0b874ba4fc57b5f79dffacefd2dc0261822cb6dde17d247db39175a5c27f_amd64", "8Base-RHACM-2.7:rhacm2/observatorium-rhel8@sha256:b7b3de98fbcc216c00d3291691f8997183a6409dabed8ea7b10b336c481b2b87_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:6c9ea79e385be44f735efb932079b328200d47869f5f5f9b442fdb76067cac2a_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8349cdc4677a2dd37c54b058c487d76e8fbe4c76178e805d4745ef5c62bc6151_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:8e8c89c184a5d023f031ab7cca2c4c64cdfd151c37aa5ae3a206cb1f1055268f_ppc64le", "8Base-RHACM-2.7:rhacm2/prometheus-alertmanager-rhel8@sha256:fdbba855391acd2b33d0b16f9f0e7ba2a9cdbaa90bf71298182954b7f4c8fe76_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:59174c376ae5563ea3a2a68bf999458f6b905058f57a7779b6dddd7aff252e4f_amd64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:6877b4207285d7a0e1343f5c1b70bab163d1fd5004f778998d2e612817ea5f06_s390x", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a3661c1cbfa2f8c230ec44ee5e2fecf1967ce48df0c9699f063bd27407b94dac_arm64", "8Base-RHACM-2.7:rhacm2/prometheus-rhel8@sha256:a5a9a7c264f07c789094cb5371729f86700c0cfce4605b573c236c21a46ea9d6_ppc64le", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:3481fdb51147ce735b7864215cacd4c6a24b2c05a9388866f11be887a5fd0d4f_s390x", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:84486a82cd6655d5e5a1fbccae5a2e9335498d3e05422fa325b443c8923c1b75_arm64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:bdeee76d09265212805e06117c368c96d40c7b46278dc09413fa300c6198ac2d_amd64", "8Base-RHACM-2.7:rhacm2/rbac-query-proxy-rhel8@sha256:ceb1bd89103c56378166ab968dbaa387ab0531d1592f053718d0c1c683770e3d_ppc64le", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:4b7544ec460f265afb71c9d362cf9851e3ba250c3ab694ccc9a78c15eb38a612_arm64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:6695c50772760b400d0535f406f02b7c37436c5ce6932b8d5518b995780287a8_s390x", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:91b398bdccc5dbbfb82913ac52110d0b8e2f6c37ded6aa22b7d97ec4655b4cde_amd64", "8Base-RHACM-2.7:rhacm2/search-collector-rhel8@sha256:e129649706a536e4ef6e8f770d0bf682f35da55c86c978c749e903b1a2bbe875_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:17dfda9e5f46f9df69171607ec2e078be9362de4c13e2ed20763fc59a7e9cd1a_s390x", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:4eddabb57e6f448c45fba78dc72f1541ccddb11b63a558764d0c105465a76555_amd64", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:581fb02a9670b27810f2ad35bad4a82d2e1eab77fcd1274de05b0a922450d3fc_ppc64le", "8Base-RHACM-2.7:rhacm2/submariner-addon-rhel8@sha256:7400391c2a56bc01da6fbbf13bb249a01e90d8eccb8d465dfb19c3598f5fecbe_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:4b228ecad424ca792139152948e27ed4c714dcfbcd540caf117dee20845018c8_ppc64le", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:7ceb607e7a3205361d8c9d1b44aae47381e2d07b129e40b5f90f55c3a8402774_arm64", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:b17fe936f5d8d8da38d72bf2153b47ac619c460c1f8227b4cb2f37cfc18cd4be_s390x", "8Base-RHACM-2.7:rhacm2/thanos-receive-controller-rhel8@sha256:e9a5ef8f2d97357bee0198544d0545c26ee7c7d10116771e510d73eda6c45abe_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:23a4e918b5ffdbad4745e541afad2747bd6b28e534a31e7b5aff74296b27e3e7_amd64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:26de3711356177090694b4bf00821d873127cf8c0675fe42a8f757c5c37a40cd_arm64", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:6515a630cddbb13fd14f81fd3b8c3a95f2469eaf599010b42732d8fd794af1b0_s390x", "8Base-RHACM-2.7:rhacm2/thanos-rhel8@sha256:736e1fd62ba7b6c56ad1af81ab1260dd7d13a770d62914183aaa2cc2ebb0dc20_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-22467" }, { "category": "external", "summary": "RHBZ#2159959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159959" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-22467", "url": "https://www.cve.org/CVERecord?id=CVE-2023-22467" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22467", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22467" }, { "category": "external", "summary": "https://github.com/moment/luxon/security/advisories/GHSA-3xq5-wjfh-ppjc", "url": "https://github.com/moment/luxon/security/advisories/GHSA-3xq5-wjfh-ppjc" } ], "release_date": "2023-01-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-07T18:36:08+00:00", "details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for important\ninstructions on installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0630" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:01517c35f75f1f4f4c3625eb899bff16ae5c114a241c70b56f7de2310ddd065e_s390x", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:33929c835221f166d0eb731f5e553cdf78a5579a124c90b462d4bb5250dc7254_arm64", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:89dad712668e3fdd11a79fdc477a5a2fe1060902bd3f3e575fd2812b4e9f7037_ppc64le", "8Base-RHACM-2.7:rhacm2/console-rhel8@sha256:fa807a069376c408c56d593bc2e2569cec0c19f105a727a616dea3bd8305953f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "luxon: Inefficient regular expression complexity in luxon.js" } ] }
rhsa-2023_0321
Vulnerability from csaf_redhat
Published
2023-01-23 15:20
Modified
2024-11-06 02:18
Summary
Red Hat Security Advisory: nodejs and nodejs-nodemon security, bug fix, and enhancement update
Notes
Topic
An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (16.18.1), nodejs-nodemon (2.0.20).
Security Fix(es):
* minimist: prototype pollution (CVE-2021-44906)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* nodejs: Packaged version of undici does not fit with declared version. [rhel-9] (BZ#2151627)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.18.1), nodejs-nodemon (2.0.20).\n\nSecurity Fix(es):\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* nodejs: Packaged version of undici does not fit with declared version. [rhel-9] (BZ#2151627)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0321", "url": "https://access.redhat.com/errata/RHSA-2023:0321" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142808", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142808" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0321.json" } ], "title": "Red Hat Security Advisory: nodejs and nodejs-nodemon security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T02:18:20+00:00", "generator": { "date": "2024-11-06T02:18:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:0321", "initial_release_date": "2023-01-23T15:20:34+00:00", "revision_history": [ { "date": "2023-01-23T15:20:34+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-23T15:20:34+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:18:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-2.el9_1.src", "product": { "name": "nodejs-nodemon-0:2.0.20-2.el9_1.src", "product_id": "nodejs-nodemon-0:2.0.20-2.el9_1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.el9_1?arch=src" } } }, { "category": "product_version", "name": "nodejs-1:16.18.1-3.el9_1.src", "product": { "name": "nodejs-1:16.18.1-3.el9_1.src", "product_id": "nodejs-1:16.18.1-3.el9_1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.el9_1?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "product_id": "nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.el9_1?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-docs-1:16.18.1-3.el9_1.noarch", "product": { "name": "nodejs-docs-1:16.18.1-3.el9_1.noarch", "product_id": "nodejs-docs-1:16.18.1-3.el9_1.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@16.18.1-3.el9_1?arch=noarch\u0026epoch=1" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.el9_1.aarch64", "product": { "name": "nodejs-1:16.18.1-3.el9_1.aarch64", "product_id": "nodejs-1:16.18.1-3.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.el9_1?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "product": { "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "product_id": "nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.18.1-3.el9_1?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-1:16.18.1-3.el9_1.aarch64", "product": { "name": "nodejs-libs-1:16.18.1-3.el9_1.aarch64", "product_id": "nodejs-libs-1:16.18.1-3.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.18.1-3.el9_1?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "product": { "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "product_id": "npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.16.18.1.3.el9_1?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "product": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "product_id": "nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.el9_1?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "product_id": "nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.el9_1?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "product": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "product_id": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.18.1-3.el9_1?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.el9_1.ppc64le", "product": { "name": "nodejs-1:16.18.1-3.el9_1.ppc64le", "product_id": "nodejs-1:16.18.1-3.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.el9_1?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "product": { "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "product_id": "nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.18.1-3.el9_1?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "product": { "name": "nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "product_id": "nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.18.1-3.el9_1?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "product": { "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "product_id": "npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.16.18.1.3.el9_1?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "product": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "product_id": "nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.el9_1?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "product_id": "nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.el9_1?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "product": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "product_id": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.18.1-3.el9_1?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.el9_1.x86_64", "product": { "name": "nodejs-1:16.18.1-3.el9_1.x86_64", "product_id": "nodejs-1:16.18.1-3.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.el9_1?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "product": { "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "product_id": "nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.18.1-3.el9_1?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-1:16.18.1-3.el9_1.x86_64", "product": { "name": "nodejs-libs-1:16.18.1-3.el9_1.x86_64", "product_id": "nodejs-libs-1:16.18.1-3.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.18.1-3.el9_1?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64", "product": { "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64", "product_id": "npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.16.18.1.3.el9_1?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "product": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "product_id": "nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.el9_1?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "product_id": "nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.el9_1?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "product": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "product_id": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.18.1-3.el9_1?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nodejs-libs-1:16.18.1-3.el9_1.i686", "product": { "name": "nodejs-libs-1:16.18.1-3.el9_1.i686", "product_id": "nodejs-libs-1:16.18.1-3.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.18.1-3.el9_1?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.el9_1.i686", "product": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.i686", "product_id": "nodejs-debugsource-1:16.18.1-3.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.el9_1?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "product_id": "nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.el9_1?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "product": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "product_id": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.18.1-3.el9_1?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.18.1-3.el9_1.s390x", "product": { "name": "nodejs-1:16.18.1-3.el9_1.s390x", "product_id": "nodejs-1:16.18.1-3.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.18.1-3.el9_1?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "product": { "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "product_id": "nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.18.1-3.el9_1?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-1:16.18.1-3.el9_1.s390x", "product": { "name": "nodejs-libs-1:16.18.1-3.el9_1.s390x", "product_id": "nodejs-libs-1:16.18.1-3.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.18.1-3.el9_1?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "product": { "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "product_id": "npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.19.2-1.16.18.1.3.el9_1?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "product": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "product_id": "nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.18.1-3.el9_1?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "product": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "product_id": "nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.18.1-3.el9_1?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "product": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "product_id": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.18.1-3.el9_1?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64" }, "product_reference": "nodejs-1:16.18.1-3.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le" }, "product_reference": "nodejs-1:16.18.1-3.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x" }, "product_reference": "nodejs-1:16.18.1-3.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.el9_1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src" }, "product_reference": "nodejs-1:16.18.1-3.el9_1.src", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.18.1-3.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64" }, "product_reference": "nodejs-1:16.18.1-3.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64" }, "product_reference": "nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.18.1-3.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64" }, "product_reference": "nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:16.18.1-3.el9_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch" }, "product_reference": "nodejs-docs-1:16.18.1-3.el9_1.noarch", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64" }, "product_reference": "nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le" }, "product_reference": "nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x" }, "product_reference": "nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64" }, "product_reference": "nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.18.1-3.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64" }, "product_reference": "nodejs-libs-1:16.18.1-3.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.18.1-3.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686" }, "product_reference": "nodejs-libs-1:16.18.1-3.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.18.1-3.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le" }, "product_reference": "nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.18.1-3.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x" }, "product_reference": "nodejs-libs-1:16.18.1-3.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.18.1-3.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64" }, "product_reference": "nodejs-libs-1:16.18.1-3.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64" }, "product_reference": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686" }, "product_reference": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le" }, "product_reference": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x" }, "product_reference": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64" }, "product_reference": "nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-2.el9_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-2.el9_1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-2.el9_1.src", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64" }, "product_reference": "npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le" }, "product_reference": "npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x" }, "product_reference": "npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" }, "product_reference": "npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-23T15:20:34+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0321" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-23T15:20:34+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0321" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "acknowledgments": [ { "names": [ "VVX7" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-35256", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-09-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2130518" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the HTTP module in Node.js does not correctly handle header fields that are not terminated with CLRF. This issue may result in HTTP Request Smuggling. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ], "known_not_affected": [ "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-35256" }, { "category": "external", "summary": "RHBZ#2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-35256", "url": "https://www.cve.org/CVERecord?id=CVE-2022-35256" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256", "url": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256" } ], "release_date": "2022-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-23T15:20:34+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0321" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ], "known_not_affected": [ "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-nodemon-0:2.0.20-2.el9_1.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-23T15:20:34+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0321" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.src", "AppStream-9.1.0.Z.MAIN:nodejs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-debugsource-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-docs-1:16.18.1-3.el9_1.noarch", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-full-i18n-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nodejs-libs-debuginfo-1:16.18.1-3.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:npm-1:8.19.2-1.16.18.1.3.el9_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" } ] }
wid-sec-w-2022-2338
Vulnerability from csaf_certbund
Published
2022-12-14 23:00
Modified
2023-06-15 22:00
Summary
Red Hat Enterprise Linux (Advanced Cluster Management): Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux Advanced Cluster Management ausnutzen, um einen Denial of Service Angriff durchzuführen oder die Authentisierung zu umgehen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux Advanced Cluster Management ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder die Authentisierung zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-2338 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2338.json" }, { "category": "self", "summary": "WID-SEC-2022-2338 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2338" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3642 vom 2023-06-15", "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1743 vom 2023-04-12", "url": "https://access.redhat.com/errata/RHSA-2023:1743" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1742 vom 2023-04-12", "url": "https://access.redhat.com/errata/RHSA-2023:1742" }, { "category": "external", "summary": "RedHat Security Advisory vom 2022-12-14", "url": "https://access.redhat.com/errata/RHSA-2022:9040" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:9073 vom 2022-12-15", "url": "https://access.redhat.com/errata/RHSA-2022:9073" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2022-9073 vom 2022-12-17", "url": "http://linux.oracle.com/errata/ELSA-2022-9073-1.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:9108 vom 2023-01-04", "url": "https://access.redhat.com/errata/RHSA-2022:9108" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0032 vom 2023-01-10", "url": "https://access.redhat.com/errata/RHSA-2023:0032" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0237 vom 2023-01-25", "url": "https://access.redhat.com/errata/RHSA-2023:0237" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0471 vom 2023-01-26", "url": "https://access.redhat.com/errata/RHSA-2023:0471" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0612 vom 2023-02-06", "url": "https://access.redhat.com/errata/RHSA-2023:0612" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0630 vom 2023-02-07", "url": "https://access.redhat.com/errata/RHSA-2023:0630" } ], "source_lang": "en-US", "title": "Red Hat Enterprise Linux (Advanced Cluster Management): Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-15T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:06:55.390+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-2338", "initial_release_date": "2022-12-14T23:00:00.000+00:00", "revision_history": [ { "date": "2022-12-14T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2022-12-15T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-12-18T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2023-01-03T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-01-10T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-01-25T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-01-26T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-02-06T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-02-07T23:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-04-12T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-06-15T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "11" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Advanced Cluster Management", "product": { "name": "Red Hat Enterprise Linux Advanced Cluster Management", "product_id": "T025616", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_management" } } } ], "category": "product_name", "name": "Enterprise Linux" }, { "category": "product_name", "name": "Red Hat OpenShift", "product": { "name": "Red Hat OpenShift", "product_id": "T008027", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:-" } } } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat Enterprise Linux Advanced Cluster Management. Wenn die braceExpand-Funktion mit bestimmten Argumenten aufgerufen wird, kann es zu einem Regular Expression Denial of Service (ReDoS) kommen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen." } ], "product_status": { "known_affected": [ "T025616", "T008027", "67646", "T004914" ] }, "release_date": "2022-12-14T23:00:00Z", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-41912", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat Enterprise Linux Advanced Cluster Management. Im Paket crewjam/saml go werden SAML-Antworten mit mehreren Assertion-Elementen unsachgem\u00e4\u00df verarbeitet. Ein entfertner, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Authentisierung zu umgehen." } ], "product_status": { "known_affected": [ "T025616", "T008027", "67646", "T004914" ] }, "release_date": "2022-12-14T23:00:00Z", "title": "CVE-2022-41912" } ] }
wid-sec-w-2023-1350
Vulnerability from csaf_certbund
Published
2023-06-01 22:00
Modified
2024-02-15 23:00
Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen in Komponenten von Drittanbietern
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise in diversen Komponenten von Drittanbietern ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise in diversen Komponenten von Drittanbietern ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1350 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1350.json" }, { "category": "self", "summary": "WID-SEC-2023-1350 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1350" }, { "category": "external", "summary": "Splunk Enterprise Security Advisory SVD-2023-0613 vom 2023-06-01", "url": "https://advisory.splunk.com/advisories/SVD-2023-0613" }, { "category": "external", "summary": "IBM Security Bulletin 7008449 vom 2023-06-29", "url": "https://www.ibm.com/support/pages/node/7008449" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0487-1 vom 2024-02-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017931.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0486-1 vom 2024-02-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017932.html" } ], "source_lang": "en-US", "title": "Splunk Splunk Enterprise: Mehrere Schwachstellen in Komponenten von Drittanbietern", "tracking": { "current_release_date": "2024-02-15T23:00:00.000+00:00", "generator": { "date": "2024-02-16T09:06:57.360+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1350", "initial_release_date": "2023-06-01T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-01T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-29T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-01-23T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-15T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM DB2", "product": { "name": "IBM DB2", "product_id": "5104", "product_identification_helper": { "cpe": "cpe:/a:ibm:db2:-" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 8.1.14", "product": { "name": "Splunk Splunk Enterprise \u003c 8.1.14", "product_id": "T027935", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:8.1.14" } } }, { "category": "product_version_range", "name": "\u003c 8.2.11", "product": { "name": "Splunk Splunk Enterprise \u003c 8.2.11", "product_id": "T027936", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:8.2.11" } } }, { "category": "product_version_range", "name": "\u003c 9.0.5", "product": { "name": "Splunk Splunk Enterprise \u003c 9.0.5", "product_id": "T027937", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:9.0.5" } } } ], "category": "product_name", "name": "Splunk Enterprise" } ], "category": "vendor", "name": "Splunk" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-27538", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27538" }, { "cve": "CVE-2023-27537", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27537" }, { "cve": "CVE-2023-27536", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27536" }, { "cve": "CVE-2023-27535", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27535" }, { "cve": "CVE-2023-27534", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27534" }, { "cve": "CVE-2023-27533", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27533" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-23915", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23915" }, { "cve": "CVE-2023-23914", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23914" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-1370" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-0215" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-46175" }, { "cve": "CVE-2022-43680", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43680" }, { "cve": "CVE-2022-43552", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43552" }, { "cve": "CVE-2022-43551", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43551" }, { "cve": "CVE-2022-4304", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-4304" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-4200", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-4200" }, { "cve": "CVE-2022-41720", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41720" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-37616", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37616" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-33987", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-33987" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-30115", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30115" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-27782", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27782" }, { "cve": "CVE-2022-27781", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27781" }, { "cve": "CVE-2022-27780", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27780" }, { "cve": "CVE-2022-27779", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27779" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27776", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27776" }, { "cve": "CVE-2022-27775", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27775" }, { "cve": "CVE-2022-27774", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27774" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-25858", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-25858" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-24921", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24921" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-23773", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23773" }, { "cve": "CVE-2022-23772", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23772" }, { "cve": "CVE-2022-23491", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23491" }, { "cve": "CVE-2022-22576", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-22576" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-1705" }, { "cve": "CVE-2021-43565", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-43565" }, { "cve": "CVE-2021-3803", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-3803" }, { "cve": "CVE-2021-36976", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-36976" }, { "cve": "CVE-2021-3520", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-3520" }, { "cve": "CVE-2021-33587", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33587" }, { "cve": "CVE-2021-33503", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33503" }, { "cve": "CVE-2021-33502", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33502" }, { "cve": "CVE-2021-31566", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-31566" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-27292", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-27292" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-23368", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23368" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-22947", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22947" }, { "cve": "CVE-2021-22946", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22946" }, { "cve": "CVE-2021-22945", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22945" }, { "cve": "CVE-2021-22926", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22926" }, { "cve": "CVE-2021-22925", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22925" }, { "cve": "CVE-2021-22924", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22924" }, { "cve": "CVE-2021-22923", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22923" }, { "cve": "CVE-2021-22922", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22922" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-22898", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22898" }, { "cve": "CVE-2021-22897", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22897" }, { "cve": "CVE-2021-22890", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22890" }, { "cve": "CVE-2021-22876", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22876" }, { "cve": "CVE-2021-20095", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-20095" }, { "cve": "CVE-2020-8286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8286" }, { "cve": "CVE-2020-8285", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8285" }, { "cve": "CVE-2020-8284", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8284" }, { "cve": "CVE-2020-8231", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8231" }, { "cve": "CVE-2020-8203", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8203" }, { "cve": "CVE-2020-8177", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8177" }, { "cve": "CVE-2020-8169", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8169" }, { "cve": "CVE-2020-8116", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8116" }, { "cve": "CVE-2020-7774", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7774" }, { "cve": "CVE-2020-7753", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7753" }, { "cve": "CVE-2020-7662", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7662" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-15138", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-15138" }, { "cve": "CVE-2020-13822", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-13822" }, { "cve": "CVE-2019-20149", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-20149" }, { "cve": "CVE-2019-10746", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-10746" }, { "cve": "CVE-2019-10744", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-10744" }, { "cve": "CVE-2018-25032", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2018-25032" }, { "cve": "CVE-2017-16042", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2017-16042" } ] }
wid-sec-w-2023-2229
Vulnerability from csaf_certbund
Published
2023-08-30 22:00
Modified
2024-05-28 22:00
Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff
Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuführen, einen 'Denial of Service'-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- MacOS X\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2229 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2229.json" }, { "category": "self", "summary": "WID-SEC-2023-2229 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2229" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0801" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0802" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0803" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0804" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0805" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0806" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0807" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0808" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-2988 vom 2024-05-28", "url": "https://linux.oracle.com/errata/ELSA-2024-2988.html" } ], "source_lang": "en-US", "title": "Splunk Splunk Enterprise: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-05-28T22:00:00.000+00:00", "generator": { "date": "2024-05-29T08:07:49.870+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2229", "initial_release_date": "2023-08-30T22:00:00.000+00:00", "revision_history": [ { "date": "2023-08-30T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-01-23T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-05-28T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Oracle Linux aufgenommen" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c9.1.1", "product": { "name": "Splunk Splunk Enterprise \u003c9.1.1", "product_id": "T029634", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:9.1.1" } } }, { "category": "product_version_range", "name": "\u003c9.0.6", "product": { "name": "Splunk Splunk Enterprise \u003c9.0.6", "product_id": "T029635", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:9.0.6" } } }, { "category": "product_version_range", "name": "\u003c8.2.12", "product": { "name": "Splunk Splunk Enterprise \u003c8.2.12", "product_id": "T029636", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:8.2.12" } } } ], "category": "product_name", "name": "Splunk Enterprise" } ], "category": "vendor", "name": "Splunk" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-7489", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2013-7489" }, { "cve": "CVE-2018-10237", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2018-10237" }, { "cve": "CVE-2018-20225", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2018-20225" }, { "cve": "CVE-2019-20454", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2019-20454" }, { "cve": "CVE-2019-20838", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2019-20838" }, { "cve": "CVE-2020-14155", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-14155" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-28851", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-28851" }, { "cve": "CVE-2020-29652", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-29652" }, { "cve": "CVE-2020-8169", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8169" }, { "cve": "CVE-2020-8177", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8177" }, { "cve": "CVE-2020-8231", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8231" }, { "cve": "CVE-2020-8284", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8284" }, { "cve": "CVE-2020-8285", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8285" }, { "cve": "CVE-2020-8286", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8286" }, { "cve": "CVE-2020-8908", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8908" }, { "cve": "CVE-2021-20066", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-20066" }, { "cve": "CVE-2021-22569", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22569" }, { "cve": "CVE-2021-22876", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22876" }, { "cve": "CVE-2021-22890", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22890" }, { "cve": "CVE-2021-22897", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22897" }, { "cve": "CVE-2021-22898", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22898" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-22922", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22922" }, { "cve": "CVE-2021-22923", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22923" }, { "cve": "CVE-2021-22924", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22924" }, { "cve": "CVE-2021-22925", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22925" }, { "cve": "CVE-2021-22926", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22926" }, { "cve": "CVE-2021-22945", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22945" }, { "cve": "CVE-2021-22946", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22946" }, { "cve": "CVE-2021-22947", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22947" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-27918", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-27918" }, { "cve": "CVE-2021-27919", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-27919" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-29425", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-29425" }, { "cve": "CVE-2021-29923", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-29923" }, { "cve": "CVE-2021-31525", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-31525" }, { "cve": "CVE-2021-31566", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-31566" }, { "cve": "CVE-2021-33194", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33194" }, { "cve": "CVE-2021-33195", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33195" }, { "cve": "CVE-2021-33196", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33196" }, { "cve": "CVE-2021-33197", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33197" }, { "cve": "CVE-2021-33198", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33198" }, { "cve": "CVE-2021-34558", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-34558" }, { "cve": "CVE-2021-3520", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-3520" }, { "cve": "CVE-2021-3572", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-3572" }, { "cve": "CVE-2021-36221", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-36221" }, { "cve": "CVE-2021-36976", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-36976" }, { "cve": "CVE-2021-3803", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-3803" }, { "cve": "CVE-2021-38297", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-38297" }, { "cve": "CVE-2021-38561", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-38561" }, { "cve": "CVE-2021-39293", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-39293" }, { "cve": "CVE-2021-41182", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41182" }, { "cve": "CVE-2021-41183", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41183" }, { "cve": "CVE-2021-41184", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41184" }, { "cve": "CVE-2021-41771", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41771" }, { "cve": "CVE-2021-41772", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41772" }, { "cve": "CVE-2021-43565", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-43565" }, { "cve": "CVE-2021-44716", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-44716" }, { "cve": "CVE-2021-44717", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-44717" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-1705" }, { "cve": "CVE-2022-1941", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-1941" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-22576", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-22576" }, { "cve": "CVE-2022-2309", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-2309" }, { "cve": "CVE-2022-23491", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-23491" }, { "cve": "CVE-2022-23772", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-23772" }, { "cve": "CVE-2022-23773", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-23773" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-24921", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-24921" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-25881", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-25881" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-27536", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27536" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27774", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27774" }, { "cve": "CVE-2022-27775", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27775" }, { "cve": "CVE-2022-27776", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27776" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27779", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27779" }, { "cve": "CVE-2022-27780", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27780" }, { "cve": "CVE-2022-27781", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27781" }, { "cve": "CVE-2022-27782", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27782" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-30115", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30115" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-3171", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-3171" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-32149", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32149" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-33987", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-33987" }, { "cve": "CVE-2022-3509", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-3509" }, { "cve": "CVE-2022-3510", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-3510" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-40897", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-40897" }, { "cve": "CVE-2022-40899", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-40899" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41720", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-41720" }, { "cve": "CVE-2022-41722", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-41722" }, { "cve": "CVE-2022-42003", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-42003" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-43551", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-43551" }, { "cve": "CVE-2022-43552", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-43552" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-46175" }, { "cve": "CVE-2023-23914", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-23914" }, { "cve": "CVE-2023-23915", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-23915" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-24539", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-24539" }, { "cve": "CVE-2023-24540", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-24540" }, { "cve": "CVE-2023-27533", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27533" }, { "cve": "CVE-2023-27534", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27534" }, { "cve": "CVE-2023-27535", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27535" }, { "cve": "CVE-2023-27536", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27536" }, { "cve": "CVE-2023-27537", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27537" }, { "cve": "CVE-2023-27538", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27538" }, { "cve": "CVE-2023-29400", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29400" }, { "cve": "CVE-2023-29402", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29402" }, { "cve": "CVE-2023-29403", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29403" }, { "cve": "CVE-2023-29404", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29404" }, { "cve": "CVE-2023-29405", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29405" }, { "cve": "CVE-2023-40592", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40592" }, { "cve": "CVE-2023-40593", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40593" }, { "cve": "CVE-2023-40594", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40594" }, { "cve": "CVE-2023-40595", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40595" }, { "cve": "CVE-2023-40596", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40596" }, { "cve": "CVE-2023-40597", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40597" }, { "cve": "CVE-2023-40598", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40598" } ] }
wid-sec-w-2023-1542
Vulnerability from csaf_certbund
Published
2023-06-22 22:00
Modified
2024-05-21 22:00
Summary
Red Hat OpenShift: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Zustand herbeizuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1542 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1542.json" }, { "category": "self", "summary": "WID-SEC-2023-1542 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1542" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0139 vom 2024-01-10", "url": "https://access.redhat.com/errata/RHSA-2024:0139" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0143 vom 2024-01-10", "url": "https://access.redhat.com/errata/RHSA-2024:0143" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0137 vom 2024-01-10", "url": "https://access.redhat.com/errata/RHSA-2024:0137" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:0121 vom 2024-01-10", "url": "https://access.redhat.com/errata/RHSA-2024:0121" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7820 vom 2023-12-14", "url": "https://access.redhat.com/errata/RHSA-2023:7820" }, { "category": "external", "summary": "Meinberg Security Advisory", "url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-01-lantime-firmware-v7-08-007.htm" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3742 vom 2023-06-22", "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3612 vom 2023-06-23", "url": "https://access.redhat.com/errata/RHSA-2023:3614" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3615 vom 2023-06-22", "url": "https://access.redhat.com/errata/RHSA-2023:3615" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3613 vom 2023-06-27", "url": "https://access.redhat.com/errata/RHSA-2023:3613" }, { "category": "external", "summary": "Red Hat Security Advisory vom 2023-06-29", "url": "https://access.redhat.com/errata/RHSA-2023:3918" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3943 vom 2023-06-29", "url": "https://access.redhat.com/errata/RHSA-2023:3943" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3910 vom 2023-07-06", "url": "https://access.redhat.com/errata/RHSA-2023:3910" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3915 vom 2023-07-06", "url": "https://access.redhat.com/errata/RHSA-2023:3915" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3925 vom 2023-07-06", "url": "https://access.redhat.com/errata/RHSA-2023:3925" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4003 vom 2023-07-10", "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-6CFE7492C1 vom 2023-07-16", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-6cfe7492c1" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-AA7C75ED4A vom 2023-07-16", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-aa7c75ed4a" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4025 vom 2023-07-18", "url": "https://access.redhat.com/errata/RHSA-2023:4025" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4112 vom 2023-07-18", "url": "https://access.redhat.com/errata/RHSA-2023:4112" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4113 vom 2023-07-18", "url": "https://access.redhat.com/errata/RHSA-2023:4113" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4114 vom 2023-07-18", "url": "https://access.redhat.com/errata/RHSA-2023:4114" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4053 vom 2023-07-19", "url": "https://access.redhat.com/errata/RHSA-2023:4053" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4204 vom 2023-07-19", "url": "https://access.redhat.com/errata/RHSA-2023:4204" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4090 vom 2023-07-21", "url": "https://access.redhat.com/errata/RHSA-2023:4090" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4241 vom 2023-07-21", "url": "https://access.redhat.com/errata/RHSA-2023:4241" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4238 vom 2023-07-20", "url": "https://access.redhat.com/errata/RHSA-2023:4238" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4093 vom 2023-07-20", "url": "https://access.redhat.com/errata/RHSA-2023:4093" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4091 vom 2023-07-20", "url": "https://access.redhat.com/errata/RHSA-2023:4091" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4225 vom 2023-07-27", "url": "https://access.redhat.com/errata/RHSA-2023:4225" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4226 vom 2023-07-27", "url": "https://access.redhat.com/errata/RHSA-2023:4226" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4470 vom 2023-08-03", "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4335 vom 2023-08-08", "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4674 vom 2023-08-23", "url": "https://access.redhat.com/errata/RHSA-2023:4674" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:4983 vom 2023-09-05", "url": "https://access.redhat.com/errata/RHSA-2023:4983" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5103 vom 2023-09-12", "url": "https://access.redhat.com/errata/RHSA-2023:5103" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5233 vom 2023-09-19", "url": "https://access.redhat.com/errata/RHSA-2023:5233" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5314 vom 2023-09-20", "url": "https://access.redhat.com/errata/RHSA-2023:5314" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5006 vom 2023-12-30", "url": "https://access.redhat.com/errata/RHSA-2023:5006" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:6316 vom 2023-11-07", "url": "https://access.redhat.com/errata/RHSA-2023:6316" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7058 vom 2023-11-15", "url": "https://access.redhat.com/errata/RHSA-2023:7058" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7823 vom 2024-01-05", "url": "https://access.redhat.com/errata/RHSA-2023:7823" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-6939 vom 2023-11-21", "url": "https://linux.oracle.com/errata/ELSA-2023-6939.html" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-14A33318B8 vom 2023-12-03", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-14a33318b8" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:7672 vom 2023-12-06", "url": "https://access.redhat.com/errata/RHSA-2023:7672" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202405-04 vom 2024-05-04", "url": "https://security.gentoo.org/glsa/202405-04" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2987 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:2987" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3254 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:3254" } ], "source_lang": "en-US", "title": "Red Hat OpenShift: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-05-21T22:00:00.000+00:00", "generator": { "date": "2024-05-22T12:11:49.378+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1542", "initial_release_date": "2023-06-22T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-22T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-25T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-06-26T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-06-28T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-06-29T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-05T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-06T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-10T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-16T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2023-07-17T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-18T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-20T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-07-26T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-08-03T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-08-07T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-08-23T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-09-05T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-09-12T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-09-19T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-09-20T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-11-07T23:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-11-14T23:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-11-21T23:00:00.000+00:00", "number": "23", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2023-12-03T23:00:00.000+00:00", "number": "24", "summary": "Neue Updates von Fedora aufgenommen" }, { "date": "2023-12-06T23:00:00.000+00:00", "number": "25", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-12-13T23:00:00.000+00:00", "number": "26", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-01T23:00:00.000+00:00", "number": "27", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-04T23:00:00.000+00:00", "number": "28", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-10T23:00:00.000+00:00", "number": "29", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-01-30T23:00:00.000+00:00", "number": "30", "summary": "Neue Updates von Meinberg aufgenommen" }, { "date": "2024-05-05T22:00:00.000+00:00", "number": "31", "summary": "Neue Updates von Gentoo aufgenommen" }, { "date": "2024-05-21T22:00:00.000+00:00", "number": "32", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "32" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Fedora Linux", "product": { "name": "Fedora Linux", "product_id": "74185", "product_identification_helper": { "cpe": "cpe:/o:fedoraproject:fedora:-" } } } ], "category": "vendor", "name": "Fedora" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c7.08.007", "product": { "name": "Meinberg LANTIME \u003c7.08.007", "product_id": "T032435", "product_identification_helper": { "cpe": "cpe:/h:meinberg:lantime:7.08.007" } } } ], "category": "product_name", "name": "LANTIME" } ], "category": "vendor", "name": "Meinberg" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_version", "name": "Advanced Cluster Security for Kubernetes 4", "product": { "name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4", "product_id": "T027916", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4" } } }, { "category": "product_version", "name": "Service Interconnect 1", "product": { "name": "Red Hat Enterprise Linux Service Interconnect 1", "product_id": "T028472", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:service_interconnect_1" } } } ], "category": "product_name", "name": "Enterprise Linux" }, { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift", "product": { "name": "Red Hat OpenShift", "product_id": "T008027", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:-" } } }, { "category": "product_version", "name": "Container Platform 4.12", "product": { "name": "Red Hat OpenShift Container Platform 4.12", "product_id": "T026435", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform_4.12" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.13.4", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.13.4", "product_id": "T028225", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.13.4" } } }, { "category": "product_version_range", "name": "Data Foundation \u003c4.13.0", "product": { "name": "Red Hat OpenShift Data Foundation \u003c4.13.0", "product_id": "T028289", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:data_foundation_4.13.0" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.12.22", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.12.22", "product_id": "T028307", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.12.22" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.11.44", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.11.44", "product_id": "T028416", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.11.44" } } }, { "category": "product_version_range", "name": "Data Foundation \u003c4.12.10", "product": { "name": "Red Hat OpenShift Data Foundation \u003c4.12.10", "product_id": "T031698", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:data_foundation__4.12.10" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.14.0", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.14.0", "product_id": "T031839", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.14.0" } } }, { "category": "product_version_range", "name": "Container Platform \u003c4.12.46", "product": { "name": "Red Hat OpenShift Container Platform \u003c4.12.46", "product_id": "T031870", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform__4.12.46" } } } ], "category": "product_name", "name": "OpenShift" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-20107", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2015-20107" }, { "cve": "CVE-2018-25032", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2018-25032" }, { "cve": "CVE-2020-10735", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2020-10735" }, { "cve": "CVE-2020-16250", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2020-16250" }, { "cve": "CVE-2020-16251", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2020-16251" }, { "cve": "CVE-2020-17049", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2020-17049" }, { "cve": "CVE-2021-28861", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-28861" }, { "cve": "CVE-2021-3765", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-3765" }, { "cve": "CVE-2021-3807", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-3807" }, { "cve": "CVE-2021-4231", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-4231" }, { "cve": "CVE-2021-4235", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-4235" }, { "cve": "CVE-2021-4238", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-4238" }, { "cve": "CVE-2021-43519", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-43519" }, { "cve": "CVE-2021-43998", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-43998" }, { "cve": "CVE-2021-44531", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-44531" }, { "cve": "CVE-2021-44532", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-44532" }, { "cve": "CVE-2021-44533", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-44533" }, { "cve": "CVE-2021-44964", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-44964" }, { "cve": "CVE-2021-46828", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-46828" }, { "cve": "CVE-2021-46848", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2021-46848" }, { "cve": "CVE-2022-0670", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-0670" }, { "cve": "CVE-2022-1271", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1271" }, { "cve": "CVE-2022-1304", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1304" }, { "cve": "CVE-2022-1348", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1348" }, { "cve": "CVE-2022-1586", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1586" }, { "cve": "CVE-2022-1587", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-1587" }, { "cve": "CVE-2022-21824", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-21824" }, { "cve": "CVE-2022-2309", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2309" }, { "cve": "CVE-2022-23540", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-23540" }, { "cve": "CVE-2022-23541", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-23541" }, { "cve": "CVE-2022-24903", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-24903" }, { "cve": "CVE-2022-2509", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2509" }, { "cve": "CVE-2022-26280", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-26280" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-28805", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-28805" }, { "cve": "CVE-2022-29154", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-29154" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-3094", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3094" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32190", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-32190" }, { "cve": "CVE-2022-33099", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-33099" }, { "cve": "CVE-2022-3358", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3358" }, { "cve": "CVE-2022-34903", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-34903" }, { "cve": "CVE-2022-3515", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3515" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-3715", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3715" }, { "cve": "CVE-2022-3736", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3736" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-38149", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-38149" }, { "cve": "CVE-2022-3821", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3821" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-3924", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-3924" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40897", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-40897" }, { "cve": "CVE-2022-41316", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41316" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-41717", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41717" }, { "cve": "CVE-2022-41723", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41723" }, { "cve": "CVE-2022-41724", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41724" }, { "cve": "CVE-2022-41725", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-41725" }, { "cve": "CVE-2022-42010", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42010" }, { "cve": "CVE-2022-42011", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42011" }, { "cve": "CVE-2022-42012", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42012" }, { "cve": "CVE-2022-42898", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42898" }, { "cve": "CVE-2022-42919", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-42919" }, { "cve": "CVE-2022-43680", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-43680" }, { "cve": "CVE-2022-4415", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-4415" }, { "cve": "CVE-2022-45061", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-45061" }, { "cve": "CVE-2022-45873", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-45873" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-46175" }, { "cve": "CVE-2022-47024", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-47024" }, { "cve": "CVE-2022-47629", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-47629" }, { "cve": "CVE-2022-48303", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-48303" }, { "cve": "CVE-2022-48337", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-48337" }, { "cve": "CVE-2022-48338", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-48338" }, { "cve": "CVE-2022-48339", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2022-48339" }, { "cve": "CVE-2023-0361", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-0361" }, { "cve": "CVE-2023-0620", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-0620" }, { "cve": "CVE-2023-0665", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-0665" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-24329", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-24329" }, { "cve": "CVE-2023-2491", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-2491" }, { "cve": "CVE-2023-24999", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-24999" }, { "cve": "CVE-2023-25000", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-25000" }, { "cve": "CVE-2023-25136", "notes": [ { "category": "description", "text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T032435", "T031698", "T008027", "T028472", "67646", "T012167", "T004914", "74185", "T031870", "T027916", "T028307", "T028416", "T026435", "T028225", "T031839" ] }, "release_date": "2023-06-22T22:00:00Z", "title": "CVE-2023-25136" } ] }
ghsa-f8q6-p94x-37v3
Vulnerability from github
Published
2022-10-18 12:00
Modified
2024-02-14 18:15
Severity ?
Summary
minimatch ReDoS vulnerability
Details
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
{ "affected": [ { "package": { "ecosystem": "npm", "name": "minimatch" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "3.0.5" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2022-3517" ], "database_specific": { "cwe_ids": [ "CWE-1333", "CWE-400" ], "github_reviewed": true, "github_reviewed_at": "2022-10-20T18:21:03Z", "nvd_published_at": "2022-10-17T20:15:00Z", "severity": "HIGH" }, "details": "A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "id": "GHSA-f8q6-p94x-37v3", "modified": "2024-02-14T18:15:16Z", "published": "2022-10-18T12:00:32Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" }, { "type": "WEB", "url": "https://github.com/grafana/grafana-image-renderer/issues/329" }, { "type": "WEB", "url": "https://github.com/nodejs/node/issues/42510" }, { "type": "WEB", "url": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6" }, { "type": "PACKAGE", "url": "https://github.com/isaacs/minimatch" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "minimatch ReDoS vulnerability" }
gsd-2022-3517
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2022-3517", "id": "GSD-2022-3517", "references": [ "https://access.redhat.com/errata/RHSA-2022:8832", "https://access.redhat.com/errata/RHSA-2022:8833", "https://access.redhat.com/errata/RHSA-2022:9040", "https://access.redhat.com/errata/RHSA-2022:9073", "https://access.redhat.com/errata/RHSA-2023:0050", "https://access.redhat.com/errata/RHSA-2023:0321", "https://access.redhat.com/errata/RHSA-2023:0471", "https://access.redhat.com/errata/RHSA-2023:0612", "https://access.redhat.com/errata/RHSA-2023:0630" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2022-3517" ], "details": "A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "id": "GSD-2022-3517", "modified": "2023-12-13T01:19:40.280825Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-3517", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "minimatch", "version": { "version_data": [ { "version_value": "minimatch versions prior to 3.0.5" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6", "refsource": "MISC", "url": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6" }, { "name": "https://github.com/grafana/grafana-image-renderer/issues/329", "refsource": "MISC", "url": "https://github.com/grafana/grafana-image-renderer/issues/329" }, { "name": "[debian-lts-announce] 20230115 [SECURITY] [DLA 3271-1] node-minimatch security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html" }, { "name": "FEDORA-2023-ce8943223c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/" }, { "name": "FEDORA-2023-18fd476362", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c3.0.5", "affected_versions": "All versions before 3.0.5", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-1333", "CWE-937" ], "date": "2023-07-21", "description": "A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "fixed_versions": [ "3.0.5" ], "identifier": "CVE-2022-3517", "identifiers": [ "CVE-2022-3517" ], "not_impacted": "All versions starting from 3.0.5", "package_slug": "npm/minimatch", "pubdate": "2022-10-17", "solution": "Upgrade to version 3.0.5 or above.", "title": "Regular Expression Denial of Service", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "https://github.com/grafana/grafana-image-renderer/issues/329", "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6" ], "uuid": "3315cba1-b614-499b-b797-7444ab664f89" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:minimatch_project:minimatch:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "3.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-3517" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-1333" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/grafana/grafana-image-renderer/issues/329", "refsource": "MISC", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/grafana/grafana-image-renderer/issues/329" }, { "name": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6" }, { "name": "[debian-lts-announce] 20230115 [SECURITY] [DLA 3271-1] node-minimatch security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html" }, { "name": "FEDORA-2023-ce8943223c", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/" }, { "name": "FEDORA-2023-18fd476362", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2023-07-21T21:04Z", "publishedDate": "2022-10-17T20:15Z" } } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.