Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-42889 (GCVE-0-2022-42889)
Vulnerability from cvelistv5 – Published: 2022-10-13 00:00 – Updated: 2024-11-20 16:19
VLAI
EPSS
Title
Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults
Summary
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.
Severity
No CVSS data available.
CWE
- Unexpected variable interpolation
Assigner
References
9 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Commons Text |
Affected:
unspecified , ≤ 1.9
(custom)
Affected: 1.5 , < Apache Commons Text* (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:19:05.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"name": "[oss-security] 20221013 CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/13/4"
},
{
"name": "[oss-security] 20221017 Re: CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/18/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221020-0004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022"
},
{
"name": "GLSA-202301-05",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202301-05"
},
{
"name": "20230214 OXAS-ADV-2022-0002: OX App Suite Security Advisory",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Feb/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-42889",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-24T16:22:10.690380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T16:19:41.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Commons Text",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "Apache Commons Text*",
"status": "affected",
"version": "1.5",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \"${prefix:name}\", where \"prefix\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \"script\" - execute expressions using the JVM script execution engine (javax.script) - \"dns\" - resolve dns records - \"url\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default."
}
],
"metrics": [
{
"other": {
"content": {
"other": "important"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unexpected variable interpolation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-19T16:06:47.362Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"name": "[oss-security] 20221013 CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/13/4"
},
{
"name": "[oss-security] 20221017 Re: CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/10/18/1"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221020-0004/"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022"
},
{
"name": "GLSA-202301-05",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202301-05"
},
{
"name": "20230214 OXAS-ADV-2022-0002: OX App Suite Security Advisory",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2023/Feb/3"
},
{
"url": "http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html"
},
{
"url": "http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults",
"workarounds": [
{
"lang": "en",
"value": "Upgrade to Apache Commons Text 1.10.0."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-42889",
"datePublished": "2022-10-13T00:00:00.000Z",
"dateReserved": "2022-10-12T00:00:00.000Z",
"dateUpdated": "2024-11-20T16:19:41.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-42889",
"date": "2026-05-31",
"epss": "0.94251",
"percentile": "0.99933"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:commons_text:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.5\", \"versionEndExcluding\": \"1.10.0\", \"matchCriteriaId\": \"F52B385F-442F-4587-B680-DD74CC525D27\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC1AE8BD-EE3F-494C-9F03-D4B2B7233106\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:juniper:security_threat_response_manager:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.5.0\", \"matchCriteriaId\": \"334BA50E-637D-42E7-AD73-BC13498D79D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5745211-E47A-481B-928F-B56013DAC19C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up1:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B716977-E015-4628-854B-5828FC3DC150\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up2:*:*:*:*:*:*\", \"matchCriteriaId\": \"22F53DC6-084C-4C06-9A5C-550511E5CC58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up3:*:*:*:*:*:*\", \"matchCriteriaId\": \"41FFF517-DCAC-4CF1-A6D7-29828B037245\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:jsa1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6F62545-4393-4FD6-9EF4-3516E8835F58\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:jsa3500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBF05B6A-B4F6-4F7A-927E-106A8C1E8ED7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:jsa3800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"421FD233-CA15-4207-8690-6A1C4C23BDB8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:jsa5500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08C686CC-C971-4891-B8F9-9BE4C09B1160\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:jsa5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9075ED11-DD7E-49E2-90F5-50ACFCD2F4A4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:jsa7500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57A506DE-88CE-45C9-A41A-9B5B4E62F36C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:jsa7800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AFBD1EF-96B1-475E-896A-4000463FEA0A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \\\"${prefix:name}\\\", where \\\"prefix\\\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \\\"script\\\" - execute expressions using the JVM script execution engine (javax.script) - \\\"dns\\\" - resolve dns records - \\\"url\\\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.\"}, {\"lang\": \"es\", \"value\": \"Apache Commons Text lleva a cabo una interpolaci\\u00f3n de variables, permitiendo que las propiedades sean evaluadas y expandidas din\\u00e1micamente. El formato est\\u00e1ndar para la interpolaci\\u00f3n es \\\"${prefix:name}\\\", donde \\\"prefix\\\" es usado para localizar una instancia de org.apache.commons.text.lookup.StringLookup que lleva a cabo la interpolaci\\u00f3n. A partir de la versi\\u00f3n 1.5 y hasta 1.9, el conjunto de instancias de Lookup por defecto inclu\\u00eda interpoladores que pod\\u00edan dar lugar a una ejecuci\\u00f3n de c\\u00f3digo arbitrario o al contacto con servidores remotos. Estos lookups son: - \\\"script\\\" - ejecuta expresiones usando el motor de ejecuci\\u00f3n de scripts de la JVM (javax.script) - \\\"dns\\\" - resuelve registros dns - \\\"url\\\" - carga valores de urls, incluso de servidores remotos Las aplicaciones usando los interpoladores por defecto en las versiones afectadas pueden ser vulnerables a una ejecuci\\u00f3n de c\\u00f3digo remota o al contacto involuntario con servidores remotos si son usados valores de configuraci\\u00f3n que no son confiables. Es recomendado a usuarios actualizar a Apache Commons Text versi\\u00f3n 1.10.0, que deshabilita los interpoladores problem\\u00e1ticos por defecto\"}]",
"id": "CVE-2022-42889",
"lastModified": "2024-11-21T07:25:32.100",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
"published": "2022-10-13T13:15:10.113",
"references": "[{\"url\": \"http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html\", \"source\": \"security@apache.org\"}, {\"url\": \"http://seclists.org/fulldisclosure/2023/Feb/3\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/13/4\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/18/1\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202301-05\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221020-0004/\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seclists.org/fulldisclosure/2023/Feb/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/13/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/18/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202301-05\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221020-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-42889\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2022-10-13T13:15:10.113\",\"lastModified\":\"2024-11-21T07:25:32.100\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \\\"${prefix:name}\\\", where \\\"prefix\\\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \\\"script\\\" - execute expressions using the JVM script execution engine (javax.script) - \\\"dns\\\" - resolve dns records - \\\"url\\\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.\"},{\"lang\":\"es\",\"value\":\"Apache Commons Text lleva a cabo una interpolaci\u00f3n de variables, permitiendo que las propiedades sean evaluadas y expandidas din\u00e1micamente. El formato est\u00e1ndar para la interpolaci\u00f3n es \\\"${prefix:name}\\\", donde \\\"prefix\\\" es usado para localizar una instancia de org.apache.commons.text.lookup.StringLookup que lleva a cabo la interpolaci\u00f3n. A partir de la versi\u00f3n 1.5 y hasta 1.9, el conjunto de instancias de Lookup por defecto inclu\u00eda interpoladores que pod\u00edan dar lugar a una ejecuci\u00f3n de c\u00f3digo arbitrario o al contacto con servidores remotos. Estos lookups son: - \\\"script\\\" - ejecuta expresiones usando el motor de ejecuci\u00f3n de scripts de la JVM (javax.script) - \\\"dns\\\" - resuelve registros dns - \\\"url\\\" - carga valores de urls, incluso de servidores remotos Las aplicaciones usando los interpoladores por defecto en las versiones afectadas pueden ser vulnerables a una ejecuci\u00f3n de c\u00f3digo remota o al contacto involuntario con servidores remotos si son usados valores de configuraci\u00f3n que no son confiables. Es recomendado a usuarios actualizar a Apache Commons Text versi\u00f3n 1.10.0, que deshabilita los interpoladores problem\u00e1ticos por defecto\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:commons_text:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5\",\"versionEndExcluding\":\"1.10.0\",\"matchCriteriaId\":\"F52B385F-442F-4587-B680-DD74CC525D27\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC1AE8BD-EE3F-494C-9F03-D4B2B7233106\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:security_threat_response_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.5.0\",\"matchCriteriaId\":\"334BA50E-637D-42E7-AD73-BC13498D79D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5745211-E47A-481B-928F-B56013DAC19C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B716977-E015-4628-854B-5828FC3DC150\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up2:*:*:*:*:*:*\",\"matchCriteriaId\":\"22F53DC6-084C-4C06-9A5C-550511E5CC58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up3:*:*:*:*:*:*\",\"matchCriteriaId\":\"41FFF517-DCAC-4CF1-A6D7-29828B037245\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:jsa1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6F62545-4393-4FD6-9EF4-3516E8835F58\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:jsa3500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBF05B6A-B4F6-4F7A-927E-106A8C1E8ED7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:jsa3800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"421FD233-CA15-4207-8690-6A1C4C23BDB8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:jsa5500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C686CC-C971-4891-B8F9-9BE4C09B1160\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:jsa5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9075ED11-DD7E-49E2-90F5-50ACFCD2F4A4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:jsa7500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57A506DE-88CE-45C9-A41A-9B5B4E62F36C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:jsa7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AFBD1EF-96B1-475E-896A-4000463FEA0A\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html\",\"source\":\"security@apache.org\"},{\"url\":\"http://seclists.org/fulldisclosure/2023/Feb/3\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/10/13/4\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/10/18/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202301-05\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221020-0004/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2023/Feb/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/10/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/10/18/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202301-05\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221020-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/13/4\", \"name\": \"[oss-security] 20221013 CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/18/1\", \"name\": \"[oss-security] 20221017 Re: CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221020-0004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202301-05\", \"name\": \"GLSA-202301-05\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2023/Feb/3\", \"name\": \"20230214 OXAS-ADV-2022-0002: OX App Suite Security Advisory\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T13:19:05.212Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-42889\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-01-24T16:22:10.690380Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-20T16:19:24.000Z\"}}], \"cna\": {\"title\": \"Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"other\": {\"type\": \"unknown\", \"content\": {\"other\": \"important\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Commons Text\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.9\"}, {\"status\": \"affected\", \"version\": \"1.5\", \"lessThan\": \"Apache Commons Text*\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/13/4\", \"name\": \"[oss-security] 20221013 CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/10/18/1\", \"name\": \"[oss-security] 20221017 Re: CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221020-0004/\"}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022\"}, {\"url\": \"https://security.gentoo.org/glsa/202301-05\", \"name\": \"GLSA-202301-05\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2023/Feb/3\", \"name\": \"20230214 OXAS-ADV-2022-0002: OX App Suite Security Advisory\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html\"}, {\"url\": \"http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Upgrade to Apache Commons Text 1.10.0.\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \\\"${prefix:name}\\\", where \\\"prefix\\\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \\\"script\\\" - execute expressions using the JVM script execution engine (javax.script) - \\\"dns\\\" - resolve dns records - \\\"url\\\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Unexpected variable interpolation\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-01-19T16:06:47.362Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-42889\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-20T16:19:41.416Z\", \"dateReserved\": \"2022-10-12T00:00:00.000Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2022-10-13T00:00:00.000Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2022:9023
Vulnerability from csaf_redhat - Published: 2022-12-14 13:15 - Updated: 2026-05-05 10:06Summary
Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Quarkus. Red Hat Product
Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details: This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug
fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus
* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE
* CVE-2022-37734 graphql-java: DoS by malicious query
* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS
* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE
* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* CVE-2022-42004 jackson-databind: use of deeply nested arrays
* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.
8.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
50 references
Acknowledgments
Contrast Security
Joseph Beeton
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus. Red Hat Product\nSecurity has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug\nfixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus \n\n* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE\n\n* CVE-2022-37734 graphql-java: DoS by malicious query\n\n* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS\n\n* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE\n\n* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n\n* CVE-2022-42004 jackson-databind: use of deeply nested arrays \n\n* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:9023",
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/4966181",
"url": "https://access.redhat.com/articles/4966181"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.13.5",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.13.5"
},
{
"category": "external",
"summary": "2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "2144748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144748"
},
{
"category": "external",
"summary": "2148867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148867"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9023.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update",
"tracking": {
"current_release_date": "2026-05-05T10:06:07+00:00",
"generator": {
"date": "2026-05-05T10:06:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2022:9023",
"initial_release_date": "2022-12-14T13:15:01+00:00",
"revision_history": [
{
"date": "2022-12-14T13:15:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-14T13:15:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T10:06:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 2.13.5",
"product": {
"name": "Red Hat build of Quarkus 2.13.5",
"product_id": "Red Hat build of Quarkus 2.13.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:2.13"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3171",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2137645"
}
],
"notes": [
{
"category": "description",
"text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: timeout in parser leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3171"
},
{
"category": "external",
"summary": "RHBZ#2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: timeout in parser leads to DoS"
},
{
"acknowledgments": [
{
"names": [
"Joseph Beeton"
],
"organization": "Contrast Security"
}
],
"cve": "CVE-2022-4116",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2144748"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4116"
},
{
"category": "external",
"summary": "RHBZ#2144748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4116"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4116",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4116"
}
],
"release_date": "2022-11-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE"
},
{
"cve": "CVE-2022-4147",
"cwe": {
"id": "CWE-1026",
"name": "CWE-1026"
},
"discovery_date": "2022-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148867"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4147"
},
{
"category": "external",
"summary": "RHBZ#2148867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4147"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus"
},
{
"cve": "CVE-2022-31197",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129428"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31197"
},
{
"category": "external",
"summary": "RHBZ#2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197"
},
{
"category": "external",
"summary": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2",
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names"
},
{
"cve": "CVE-2022-37734",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql-java: DoS by malicious query",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37734"
},
{
"category": "external",
"summary": "RHBZ#2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "graphql-java: DoS by malicious query"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2022_8652
Vulnerability from csaf_redhat - Published: 2022-11-28 14:39 - Updated: 2024-12-18 00:37Summary
Red Hat Security Advisory: Red Hat Fuse 7.11.1 release and security update
Severity
Important
Notes
Topic: A minor version update (from 7.11 to 7.11.1) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Red Hat Fuse 7.11.1 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
Security Fix(es):
* hsqldb: Untrusted input may lead to RCE attack [fuse-7] (CVE-2022-41853)
* io.hawt-hawtio-online: bootstrap: XSS in the tooltip or popover data-template attribute [fuse-7] (CVE-2019-8331)
* io.hawt-project: bootstrap: XSS in the tooltip or popover data-template attribute [fuse-7] (CVE-2019-8331)
* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users [fuse-7] (CVE-2021-3717)
* json-smart: Denial of Service in JSONParserByteArray function [fuse-7] (CVE-2021-31684)
* io.hawt-hawtio-integration: minimist: prototype pollution [fuse-7] (CVE-2021-44906)
* urijs: Authorization Bypass Through User-Controlled Key [fuse-7] (CVE-2022-0613)
* http2-server: Invalid HTTP/2 requests cause DoS [fuse-7] (CVE-2022-2048)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections [fuse-7] (CVE-2022-25857)
* urijs: Leading white space bypasses protocol validation [fuse-7] (CVE-2022-24723)
* Moment.js: Path traversal in moment.locale [fuse-7] (CVE-2022-24785)
* netty: world readable temporary file containing sensitive data [fuse-7] (CVE-2022-24823)
* jdbc-postgresql: postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names [fuse-7] (CVE-2022-31197)
* commons-configuration2: apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults [fuse-7] (CVE-2022-33980)
* commons-text: apache-commons-text: variable interpolation RCE [fuse-7] (CVE-2022-42889)
* undertow: Large AJP request may cause DoS [fuse-7] (CVE-2022-2053)
* moment: inefficient parsing algorithm resulting in DoS [fuse-7] (CVE-2022-31129)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode [fuse-7] (CVE-2022-38749)
For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability.
7.8 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the json-smart package in the JSONParserByteArray. This flaw allows an attacker to cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in urijs due to the fix of CVE-2021-3647 not considering case-sensitive protocol schemes in the URL. This issue allows attackers to bypass the patch.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
An improper input validation flaw was found in urijs where white space characters are not removed from the beginning of an URL. This issue allows bypassing the protocol validation.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.
8.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Configuration's variable interpolation, which by default included several lookup actions that could permit script invocation on remote servers. This issue could allow an attacker to use one of these actions to send a request to execute arbitrary code on the server.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.11.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
99 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 7.11 to 7.11.1) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Fuse 7.11.1 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nSecurity Fix(es):\n\n* hsqldb: Untrusted input may lead to RCE attack [fuse-7] (CVE-2022-41853)\n\n* io.hawt-hawtio-online: bootstrap: XSS in the tooltip or popover data-template attribute [fuse-7] (CVE-2019-8331)\n\n* io.hawt-project: bootstrap: XSS in the tooltip or popover data-template attribute [fuse-7] (CVE-2019-8331)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users [fuse-7] (CVE-2021-3717)\n\n* json-smart: Denial of Service in JSONParserByteArray function [fuse-7] (CVE-2021-31684)\n\n* io.hawt-hawtio-integration: minimist: prototype pollution [fuse-7] (CVE-2021-44906)\n\n* urijs: Authorization Bypass Through User-Controlled Key [fuse-7] (CVE-2022-0613)\n\n* http2-server: Invalid HTTP/2 requests cause DoS [fuse-7] (CVE-2022-2048)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections [fuse-7] (CVE-2022-25857)\n\n* urijs: Leading white space bypasses protocol validation [fuse-7] (CVE-2022-24723)\n\n* Moment.js: Path traversal in moment.locale [fuse-7] (CVE-2022-24785)\n\n* netty: world readable temporary file containing sensitive data [fuse-7] (CVE-2022-24823)\n\n* jdbc-postgresql: postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names [fuse-7] (CVE-2022-31197)\n\n* commons-configuration2: apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults [fuse-7] (CVE-2022-33980)\n\n* commons-text: apache-commons-text: variable interpolation RCE [fuse-7] (CVE-2022-42889)\n\n* undertow: Large AJP request may cause DoS [fuse-7] (CVE-2022-2053)\n\n* moment: inefficient parsing algorithm resulting in DoS [fuse-7] (CVE-2022-31129)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode [fuse-7] (CVE-2022-38749)\n\nFor more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8652",
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1991305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305"
},
{
"category": "external",
"summary": "2055496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055496"
},
{
"category": "external",
"summary": "2062370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062370"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2087186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087186"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2102695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102695"
},
{
"category": "external",
"summary": "2105067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105067"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8652.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.11.1 release and security update",
"tracking": {
"current_release_date": "2024-12-18T00:37:36+00:00",
"generator": {
"date": "2024-12-18T00:37:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:8652",
"initial_release_date": "2022-11-28T14:39:27+00:00",
"revision_history": [
{
"date": "2022-11-28T14:39:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-28T14:39:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T00:37:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.11.1",
"product": {
"name": "Red Hat Fuse 7.11.1",
"product_id": "Red Hat Fuse 7.11.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2021-3717",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2021-07-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1991305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3717"
},
{
"category": "external",
"summary": "RHBZ#1991305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3717"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users"
},
{
"cve": "CVE-2021-31684",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-06-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2102695"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-smart package in the JSONParserByteArray. This flaw allows an attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-smart: Denial of Service in JSONParserByteArray function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-31684"
},
{
"category": "external",
"summary": "RHBZ#2102695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-31684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31684"
}
],
"release_date": "2021-06-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json-smart: Denial of Service in JSONParserByteArray function"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"cve": "CVE-2022-0613",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2022-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2055496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urijs due to the fix of CVE-2021-3647 not considering case-sensitive protocol schemes in the URL. This issue allows attackers to bypass the patch.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urijs: Authorization Bypass Through User-Controlled Key",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0613"
},
{
"category": "external",
"summary": "RHBZ#2055496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0613"
}
],
"release_date": "2022-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urijs: Authorization Bypass Through User-Controlled Key"
},
{
"cve": "CVE-2022-2048",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http2-server: Invalid HTTP/2 requests cause DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2048"
},
{
"category": "external",
"summary": "RHBZ#2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http2-server: Invalid HTTP/2 requests cause DoS"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-24723",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2062370"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation flaw was found in urijs where white space characters are not removed from the beginning of an URL. This issue allows bypassing the protocol validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urijs: Leading white space bypasses protocol validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24723"
},
{
"category": "external",
"summary": "RHBZ#2062370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24723"
}
],
"release_date": "2022-03-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urijs: Leading white space bypasses protocol validation"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"Red Hat Fuse 7.11.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-24823",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2022-05-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087186"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: world readable temporary file containing sensitive data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users.\n\nRed Hat Satellite 6 is not affected as is using netty 3.6.7 version which is not impacted by this vulnerability.\n\nRed Hat Fuse 7 is now in Maintenance Support Phase and should be fixed soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24823"
},
{
"category": "external",
"summary": "RHBZ#2087186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087186"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823"
}
],
"release_date": "2022-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "workaround",
"details": "As a workaround, specify one\u0027s own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.",
"product_ids": [
"Red Hat Fuse 7.11.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: world readable temporary file containing sensitive data"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-31197",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129428"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31197"
},
{
"category": "external",
"summary": "RHBZ#2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197"
},
{
"category": "external",
"summary": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2",
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names"
},
{
"cve": "CVE-2022-33980",
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Configuration\u0027s variable interpolation, which by default included several lookup actions that could permit script invocation on remote servers. This issue could allow an attacker to use one of these actions to send a request to execute arbitrary code on the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite embeds affected commons-configuration2 with Candlepin, however, product is not affected since vulnerable org.apache.commons.configuration2.interpol.Lookup is not exposed in code. Product Security has rated this vulnerability Low for Satellite and there is no harm identified to confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33980"
},
{
"category": "external",
"summary": "RHBZ#2105067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33980"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33980",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33980"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"Red Hat Fuse 7.11.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat Fuse 7.11.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2022_8876
Vulnerability from csaf_redhat - Published: 2022-12-07 08:19 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat AMQ Broker 7.10.2 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Broker 7.10.2 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.
This release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections
* (CVE-2022-42003) jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* (CVE-2022-42004) jackson-databind: use of deeply nested arrays
* (CVE-2022-42889) apache-commons-text: variable interpolation RCE
* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode
* (CVE-2022-38750) snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject
* (CVE-2022-38751) snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Broker 7.10.2 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.\n\nThis release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections\n* (CVE-2022-42003) jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n* (CVE-2022-42004) jackson-databind: use of deeply nested arrays\n* (CVE-2022-42889) apache-commons-text: variable interpolation RCE\n* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode\n* (CVE-2022-38750) snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject\n* (CVE-2022-38751) snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8876",
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.10.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.10.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8876.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.10.2 release and security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:38+00:00",
"generator": {
"date": "2024-12-16T16:05:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:8876",
"initial_release_date": "2022-12-07T08:19:44+00:00",
"revision_history": [
{
"date": "2022-12-07T08:19:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-07T08:19:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Broker 7",
"product": {
"name": "Red Hat AMQ Broker 7",
"product_id": "Red Hat AMQ Broker 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_broker:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat AMQ Broker 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2022_8902
Vulnerability from csaf_redhat - Published: 2022-12-08 13:25 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.18.3 release and security update
Severity
Moderate
Notes
Topic: A minor version update (from 3.14.5 to 3.18.3) is now available for Camel for Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Camel for Spring Boot 3.18.3 serves as a replacement for Camel for Spring Boot 3.14.2 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
Security Fix(es):
* commons-text: apache-commons-text: variable interpolation (CVE-2022-42889)
* org.eclipse.milo-sdk-server: sdk-server: Denial of Service (CVE-2022-25897)
* reactor-netty-http: Log request headers in some cases of invalid HTTP requests (CVE-2022-31684)
For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Eclipse Milo SDK Server. This flaw allows an attacker to consume the application memory, leading to a denial of service by sending specific requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.18.3
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.18.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Reactor Netty HTTP Server, which may log request headers in some cases of invalid HTTP requests. This could allow an attacker to access privileged information when WARN level logging is enabled.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.18.3
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.18.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.18.3
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.18.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 3.14.5 to 3.18.3) is now available for Camel for Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Camel for Spring Boot 3.18.3 serves as a replacement for Camel for Spring Boot 3.14.2 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nSecurity Fix(es):\n\n* commons-text: apache-commons-text: variable interpolation (CVE-2022-42889)\n\n* org.eclipse.milo-sdk-server: sdk-server: Denial of Service (CVE-2022-25897)\n\n* reactor-netty-http: Log request headers in some cases of invalid HTTP requests (CVE-2022-31684)\n\nFor more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8902",
"url": "https://access.redhat.com/errata/RHSA-2022:8902"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q4"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2136188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136188"
},
{
"category": "external",
"summary": "2141353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141353"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8902.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.18.3 release and security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:45+00:00",
"generator": {
"date": "2024-12-16T16:05:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:8902",
"initial_release_date": "2022-12-08T13:25:41+00:00",
"revision_history": [
{
"date": "2022-12-08T13:25:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-08T13:25:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Camel-Springboot 3.18.3",
"product": {
"name": "RHINT Camel-Springboot 3.18.3",
"product_id": "RHINT Camel-Springboot 3.18.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_spring_boot:3.18.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25897",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136188"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Milo SDK Server. This flaw allows an attacker to consume the application memory, leading to a denial of service by sending specific requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sdk-server: Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25897"
},
{
"category": "external",
"summary": "RHBZ#2136188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136188"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25897"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25897",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25897"
}
],
"release_date": "2022-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T13:25:41+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nInstallation instructions are available from the Camel for Spring Boot 3.18.3 product documentation page.\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2022.q4/html/getting_started_with_camel_spring_boot/index\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2022.q4/html/camel_spring_boot_reference/index",
"product_ids": [
"RHINT Camel-Springboot 3.18.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8902"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "sdk-server: Denial of Service"
},
{
"cve": "CVE-2022-31684",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Reactor Netty HTTP Server, which may log request headers in some cases of invalid HTTP requests. This could allow an attacker to access privileged information when WARN level logging is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "reactor-netty-http: Log request headers in some cases of invalid HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31684"
},
{
"category": "external",
"summary": "RHBZ#2141353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31684"
}
],
"release_date": "2022-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T13:25:41+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nInstallation instructions are available from the Camel for Spring Boot 3.18.3 product documentation page.\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2022.q4/html/getting_started_with_camel_spring_boot/index\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2022.q4/html/camel_spring_boot_reference/index",
"product_ids": [
"RHINT Camel-Springboot 3.18.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8902"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "reactor-netty-http: Log request headers in some cases of invalid HTTP requests"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T13:25:41+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nInstallation instructions are available from the Camel for Spring Boot 3.18.3 product documentation page.\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2022.q4/html/getting_started_with_camel_spring_boot/index\n\nhttps://access.redhat.com/documentation/en-us/red_hat_integration/2022.q4/html/camel_spring_boot_reference/index",
"product_ids": [
"RHINT Camel-Springboot 3.18.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8902"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"RHINT Camel-Springboot 3.18.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2022_9023
Vulnerability from csaf_redhat - Published: 2022-12-14 13:15 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Quarkus. Red Hat Product
Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details: This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug
fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus
* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE
* CVE-2022-37734 graphql-java: DoS by malicious query
* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS
* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE
* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* CVE-2022-42004 jackson-databind: use of deeply nested arrays
* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.
8.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
50 references
Acknowledgments
Contrast Security
Joseph Beeton
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus. Red Hat Product\nSecurity has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug\nfixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus \n\n* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE\n\n* CVE-2022-37734 graphql-java: DoS by malicious query\n\n* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS\n\n* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE\n\n* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n\n* CVE-2022-42004 jackson-databind: use of deeply nested arrays \n\n* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:9023",
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/4966181",
"url": "https://access.redhat.com/articles/4966181"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.13.5",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.13.5"
},
{
"category": "external",
"summary": "2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "2144748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144748"
},
{
"category": "external",
"summary": "2148867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148867"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9023.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:53+00:00",
"generator": {
"date": "2024-12-16T16:05:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:9023",
"initial_release_date": "2022-12-14T13:15:01+00:00",
"revision_history": [
{
"date": "2022-12-14T13:15:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-14T13:15:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 2.13.5",
"product": {
"name": "Red Hat build of Quarkus 2.13.5",
"product_id": "Red Hat build of Quarkus 2.13.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:2.13"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3171",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2137645"
}
],
"notes": [
{
"category": "description",
"text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: timeout in parser leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3171"
},
{
"category": "external",
"summary": "RHBZ#2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: timeout in parser leads to DoS"
},
{
"acknowledgments": [
{
"names": [
"Joseph Beeton"
],
"organization": "Contrast Security"
}
],
"cve": "CVE-2022-4116",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2144748"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4116"
},
{
"category": "external",
"summary": "RHBZ#2144748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4116"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4116",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4116"
}
],
"release_date": "2022-11-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE"
},
{
"cve": "CVE-2022-4147",
"cwe": {
"id": "CWE-1026",
"name": "CWE-1026"
},
"discovery_date": "2022-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148867"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4147"
},
{
"category": "external",
"summary": "RHBZ#2148867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4147"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus"
},
{
"cve": "CVE-2022-31197",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129428"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31197"
},
{
"category": "external",
"summary": "RHBZ#2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197"
},
{
"category": "external",
"summary": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2",
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names"
},
{
"cve": "CVE-2022-37734",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql-java: DoS by malicious query",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37734"
},
{
"category": "external",
"summary": "RHBZ#2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "graphql-java: DoS by malicious query"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2023:0261
Vulnerability from csaf_redhat - Published: 2023-01-18 14:55 - Updated: 2026-05-05 10:06Summary
Red Hat Security Advisory: Satellite 6.12.1 Async Security Update
Severity
Critical
Notes
Topic: Updated Satellite 6.12 packages that fixes critical security bugs and several regular bugs are now available for Red Hat Satellite.
Details: Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
Security fix(es):
tfm-rubygem-activerecord: activerecord: Possible RCE escalation bug with Serialized Columns in Active Record (CVE-2022-32224)
candlepin: apache-commons-text: variable interpolation RCE (CVE-2022-42889)
This update fixes the following bugs:
2082209 - Another deadlock issue when syncing repos with high concurrency
2141308 - It appears that the egg is downloaded every time
2150069 - With every edit of an exising webhook, the value in password field disappears in Satellite 6.10/6.11/6.12
2150108 - Satellite-clone not working if ansible-core 2.13 is installed
2150111 - Insights recommendation sync failing in Satelliite
2150112 - Random failure of Inventory Sync
2150114 - Insights-client --register --verbose throwing error UnicodeEncodeError: 'ascii' codec can't encode character '\ufffd' in position 94: ordinal not in range(128)
2150118 - Error "no certificate or crl found" when using a http proxy as "Default Http Proxy" for content syncing or manifest operations in Satellite 6.12
2150119 - Content view publish fails when the content view and repository both have a large name with : Error message: the server returns an error HTTP status code: 500
2150123 = Inspecting an image with skopeo no longer works on Capsules
2150125 - Syncable exports across partitions causes ' Invalid cross-device link' error
2150120 - Upgrade to Satellite 6.12 may fail to apply RemoveDrpmFromIgnorableContent migration if erratum is also a ignorable content type for any repo
Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An insecure deserialization flaw was found in Active Record, which uses YAML.unsafe_load to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution (RCE), resulting in complete system compromise.
8.5 (High)
Affected products
Fixed
2 products
Known not affected
111 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
113 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
0.0 (None)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
110 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
Threats
Impact
Low
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Satellite 6.12 packages that fixes critical security bugs and several regular bugs are now available for Red Hat Satellite.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.\n\nSecurity fix(es):\ntfm-rubygem-activerecord: activerecord: Possible RCE escalation bug with Serialized Columns in Active Record (CVE-2022-32224)\ncandlepin: apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\nThis update fixes the following bugs:\n2082209 - Another deadlock issue when syncing repos with high concurrency\n2141308 - It appears that the egg is downloaded every time\n2150069 - With every edit of an exising webhook, the value in password field disappears in Satellite 6.10/6.11/6.12\n2150108 - Satellite-clone not working if ansible-core 2.13 is installed\n2150111 - Insights recommendation sync failing in Satelliite\n2150112 - Random failure of Inventory Sync\n2150114 - Insights-client --register --verbose throwing error UnicodeEncodeError: \u0027ascii\u0027 codec can\u0027t encode character \u0027\\ufffd\u0027 in position 94: ordinal not in range(128)\n2150118 - Error \"no certificate or crl found\" when using a http proxy as \"Default Http Proxy\" for content syncing or manifest operations in Satellite 6.12\n2150119 - Content view publish fails when the content view and repository both have a large name with : Error message: the server returns an error HTTP status code: 500\n2150123 = Inspecting an image with skopeo no longer works on Capsules\n2150125 - Syncable exports across partitions causes \u0027 Invalid cross-device link\u0027 error \n2150120 - Upgrade to Satellite 6.12 may fail to apply RemoveDrpmFromIgnorableContent migration if erratum is also a ignorable content type for any repo \n\nUsers of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0261",
"url": "https://access.redhat.com/errata/RHSA-2023:0261"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2082209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082209"
},
{
"category": "external",
"summary": "2108997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108997"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2141308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141308"
},
{
"category": "external",
"summary": "2150069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150069"
},
{
"category": "external",
"summary": "2150108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150108"
},
{
"category": "external",
"summary": "2150111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150111"
},
{
"category": "external",
"summary": "2150112",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150112"
},
{
"category": "external",
"summary": "2150114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150114"
},
{
"category": "external",
"summary": "2150118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150118"
},
{
"category": "external",
"summary": "2150119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150119"
},
{
"category": "external",
"summary": "2150120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150120"
},
{
"category": "external",
"summary": "2150123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150123"
},
{
"category": "external",
"summary": "2150125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150125"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0261.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.12.1 Async Security Update",
"tracking": {
"current_release_date": "2026-05-05T10:06:12+00:00",
"generator": {
"date": "2026-05-05T10:06:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2023:0261",
"initial_release_date": "2023-01-18T14:55:53+00:00",
"revision_history": [
{
"date": "2023-01-18T14:55:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-18T14:55:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T10:06:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-maintenance",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_maintenance:6.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pulp-container-0:2.10.10-1.el8pc.src",
"product": {
"name": "python-pulp-container-0:2.10.10-1.el8pc.src",
"product_id": "python-pulp-container-0:2.10.10-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-container@2.10.10-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulpcore-0:3.18.11-1.el8pc.src",
"product": {
"name": "python-pulpcore-0:3.18.11-1.el8pc.src",
"product_id": "python-pulpcore-0:3.18.11-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.18.11-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"product_id": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.18.9-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"product": {
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"product_id": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@6.0.44-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"product": {
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"product_id": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_webhooks@3.0.5-1.1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.src",
"product_id": "rubygem-katello-0:4.5.0.22-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.5.0.22-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"product": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"product_id": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_container_gateway@1.0.7-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.12.1-1.el8sat.src",
"product": {
"name": "satellite-0:6.12.1-1.el8sat.src",
"product_id": "satellite-0:6.12.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.12.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.3.0.18-1.el8sat.src",
"product": {
"name": "foreman-0:3.3.0.18-1.el8sat.src",
"product_id": "foreman-0:3.3.0.18-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.3.0.18-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actioncable-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actionpack-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actiontext-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actionview-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actionview-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-activejob-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-activejob-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-activemodel-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-activerecord-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-activestorage-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.src",
"product": {
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.src",
"product_id": "rubygem-activesupport-0:6.0.6-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.0.6-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-rails-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-rails-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-railties-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-railties-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-clone-0:3.2.0-2.el8sat.src",
"product": {
"name": "satellite-clone-0:3.2.0-2.el8sat.src",
"product_id": "satellite-clone-0:3.2.0-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-clone@3.2.0-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.1.18-1.el8sat.src",
"product": {
"name": "candlepin-0:4.1.18-1.el8sat.src",
"product_id": "candlepin-0:4.1.18-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.1.18-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"product": {
"name": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"product_id": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-container@2.10.10-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"product": {
"name": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"product_id": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.18.11-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"product": {
"name": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"product_id": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-rpm@3.18.9-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"product_id": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@6.0.44-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"product_id": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_webhooks@3.0.5-1.1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.5.0.22-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"product": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"product_id": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_container_gateway@1.0.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.12.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.12.1-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.12.1-1.el8sat.noarch",
"product_id": "satellite-common-0:6.12.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.12.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.12.1-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.12.1-1.el8sat.noarch",
"product_id": "satellite-0:6.12.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.12.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.12.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-gce@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"product": {
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"product_id": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.0.6-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-rails-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-rails-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-railties-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-railties-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-clone-0:3.2.0-2.el8sat.noarch",
"product": {
"name": "satellite-clone-0:3.2.0-2.el8sat.noarch",
"product_id": "satellite-clone-0:3.2.0-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-clone@3.2.0-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.1.18-1.el8sat.noarch",
"product": {
"name": "candlepin-0:4.1.18-1.el8sat.noarch",
"product_id": "candlepin-0:4.1.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.1.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"product_id": "candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.1.18-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.10.10-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.10.10-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.18.9-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.18.11-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.18.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.10.10-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.18.11-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-clone-0:3.2.0-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch"
},
"product_reference": "satellite-clone-0:3.2.0-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-clone-0:3.2.0-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src"
},
"product_reference": "satellite-clone-0:3.2.0-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.1.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch"
},
"product_reference": "candlepin-0:4.1.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.1.18-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src"
},
"product_reference": "candlepin-0:4.1.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.1.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.10.10-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.10.10-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.18.9-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.18.11-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.18.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.10.10-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.18.11-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actioncable-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actionpack-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actiontext-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actionview-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-activejob-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-activemodel-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-activerecord-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-activestorage-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src"
},
"product_reference": "rubygem-activesupport-0:6.0.6-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src"
},
"product_reference": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src"
},
"product_reference": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.5.0.22-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-rails-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-rails-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-railties-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-railties-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32224",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-07-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108997"
}
],
"notes": [
{
"category": "description",
"text": "An insecure deserialization flaw was found in Active Record, which uses YAML.unsafe_load to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution (RCE), resulting in complete system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "activerecord: Possible RCE escalation bug with Serialized Columns in Active Record",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32224"
},
{
"category": "external",
"summary": "RHBZ#2108997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108997"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32224",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32224"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32224",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32224"
},
{
"category": "external",
"summary": "https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017",
"url": "https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-18T14:55:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "activerecord: Possible RCE escalation bug with Serialized Columns in Active Record"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-18T14:55:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0261"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-18T14:55:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0261"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2023:0469
Vulnerability from csaf_redhat - Published: 2023-01-26 09:42 - Updated: 2026-05-05 10:06Summary
Red Hat Security Advisory: Red Hat Integration Camel Extensions For Quarkus 2.13.2
Severity
Moderate
Notes
Topic: Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.
Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Integration - Camel Extensions for Quarkus 2.13.2 serves as a replacement for 2.7 and includes the following security fixes.
Security Fix(es):
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* commons-text: apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40153)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40155)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40154)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Q 2.13.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
References
65 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.\n\nRed Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Integration - Camel Extensions for Quarkus 2.13.2 serves as a replacement for 2.7 and includes the following security fixes.\n\nSecurity Fix(es):\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* commons-text: apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40153)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40155)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40154)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0469",
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1",
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1"
},
{
"category": "external",
"summary": "2128959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128959"
},
{
"category": "external",
"summary": "2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "2134289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134289"
},
{
"category": "external",
"summary": "2134290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134290"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2134292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0469.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel Extensions For Quarkus 2.13.2",
"tracking": {
"current_release_date": "2026-05-05T10:06:08+00:00",
"generator": {
"date": "2026-05-05T10:06:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2023:0469",
"initial_release_date": "2023-01-26T09:42:15+00:00",
"revision_history": [
{
"date": "2023-01-26T09:42:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-26T09:42:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T10:06:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Camel-Q 2.13.2",
"product": {
"name": "RHINT Camel-Q 2.13.2",
"product_id": "RHINT Camel-Q 2.13.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_quarkus:2.13"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40151",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134292"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40151"
},
{
"category": "external",
"summary": "RHBZ#2134292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40151",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40153",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134290"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40153"
},
{
"category": "external",
"summary": "RHBZ#2134290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40153",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40153"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40154",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2128959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40154"
},
{
"category": "external",
"summary": "RHBZ#2128959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40154"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40155",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134289"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40155"
},
{
"category": "external",
"summary": "RHBZ#2134289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40155"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40156",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134288"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40156"
},
{
"category": "external",
"summary": "RHBZ#2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Q 2.13.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-26T09:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Q 2.13.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0469"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"RHINT Camel-Q 2.13.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Q 2.13.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2023:1006
Vulnerability from csaf_redhat - Published: 2023-03-08 14:54 - Updated: 2026-05-17 02:00Summary
Red Hat Security Advisory: Red Hat build of Quarkus 2.7.7 release and security update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details: This release of Red Hat build of Quarkus 2.7.7 includes security updates, bug
fixes, and enhancements. For more information, see the release notes page listed
in the References section.
Security Fix(es):
*CVE-2023-0044 quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure [quarkus-2]
*CVE-2022-41946 jdbc-postgresql: postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k [quarkus-2]
*CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names [quarkus-2.7]
*CVE-2022-42004 jackson-databind: use of deeply nested arrays [quarkus-2.7]
*CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS [quarkus-2.7]
*CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE [quarkus-2.7]
*CVE-2022-1471 snakeyaml: Constructor Deserialization Remote Code Execution [quarkus-2]
*CVE-2022-41966 xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow [quarkus-2.7]
*CVE-2022-3171 protobuf-java: timeout in parser leads to DoS [quarkus-2]
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
6.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.
8.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatemet.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected behavior.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Critical
A flaw was found in Quarkus. If the Quarkus Form Authentication session cookie Path attribute is set to `/`, then a cross-site attack may be initiated, which might lead to information disclosure.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.7.7
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
References
89 references
Acknowledgments
Red Hat
Paulo Lopes
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 2.7.7 includes security updates, bug\nfixes, and enhancements. For more information, see the release notes page listed\nin the References section.\n\nSecurity Fix(es):\n\n*CVE-2023-0044 quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure [quarkus-2]\n\n*CVE-2022-41946 jdbc-postgresql: postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k [quarkus-2]\n\n*CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names [quarkus-2.7]\n\n*CVE-2022-42004 jackson-databind: use of deeply nested arrays [quarkus-2.7]\n\n*CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS [quarkus-2.7]\n\n*CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE [quarkus-2.7]\n\n*CVE-2022-1471 snakeyaml: Constructor Deserialization Remote Code Execution [quarkus-2]\n\n*CVE-2022-41966 xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow [quarkus-2.7]\n\n*CVE-2022-3171 protobuf-java: timeout in parser leads to DoS [quarkus-2]",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1006",
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/4966181",
"url": "https://access.redhat.com/articles/4966181"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.7.7",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.7.7"
},
{
"category": "external",
"summary": "2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2153399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153399"
},
{
"category": "external",
"summary": "2158081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158081"
},
{
"category": "external",
"summary": "2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "QUARKUS-2593",
"url": "https://issues.redhat.com/browse/QUARKUS-2593"
},
{
"category": "external",
"summary": "QUARKUS-2705",
"url": "https://issues.redhat.com/browse/QUARKUS-2705"
},
{
"category": "external",
"summary": "QUARKUS-2852",
"url": "https://issues.redhat.com/browse/QUARKUS-2852"
},
{
"category": "external",
"summary": "QUARKUS-2854",
"url": "https://issues.redhat.com/browse/QUARKUS-2854"
},
{
"category": "external",
"summary": "QUARKUS-2855",
"url": "https://issues.redhat.com/browse/QUARKUS-2855"
},
{
"category": "external",
"summary": "QUARKUS-2856",
"url": "https://issues.redhat.com/browse/QUARKUS-2856"
},
{
"category": "external",
"summary": "QUARKUS-2861",
"url": "https://issues.redhat.com/browse/QUARKUS-2861"
},
{
"category": "external",
"summary": "QUARKUS-2862",
"url": "https://issues.redhat.com/browse/QUARKUS-2862"
},
{
"category": "external",
"summary": "QUARKUS-2864",
"url": "https://issues.redhat.com/browse/QUARKUS-2864"
},
{
"category": "external",
"summary": "QUARKUS-2865",
"url": "https://issues.redhat.com/browse/QUARKUS-2865"
},
{
"category": "external",
"summary": "QUARKUS-2866",
"url": "https://issues.redhat.com/browse/QUARKUS-2866"
},
{
"category": "external",
"summary": "QUARKUS-2867",
"url": "https://issues.redhat.com/browse/QUARKUS-2867"
},
{
"category": "external",
"summary": "QUARKUS-2869",
"url": "https://issues.redhat.com/browse/QUARKUS-2869"
},
{
"category": "external",
"summary": "QUARKUS-2871",
"url": "https://issues.redhat.com/browse/QUARKUS-2871"
},
{
"category": "external",
"summary": "QUARKUS-2872",
"url": "https://issues.redhat.com/browse/QUARKUS-2872"
},
{
"category": "external",
"summary": "QUARKUS-2873",
"url": "https://issues.redhat.com/browse/QUARKUS-2873"
},
{
"category": "external",
"summary": "QUARKUS-2874",
"url": "https://issues.redhat.com/browse/QUARKUS-2874"
},
{
"category": "external",
"summary": "QUARKUS-2876",
"url": "https://issues.redhat.com/browse/QUARKUS-2876"
},
{
"category": "external",
"summary": "QUARKUS-2877",
"url": "https://issues.redhat.com/browse/QUARKUS-2877"
},
{
"category": "external",
"summary": "QUARKUS-2879",
"url": "https://issues.redhat.com/browse/QUARKUS-2879"
},
{
"category": "external",
"summary": "QUARKUS-2880",
"url": "https://issues.redhat.com/browse/QUARKUS-2880"
},
{
"category": "external",
"summary": "QUARKUS-2882",
"url": "https://issues.redhat.com/browse/QUARKUS-2882"
},
{
"category": "external",
"summary": "QUARKUS-2883",
"url": "https://issues.redhat.com/browse/QUARKUS-2883"
},
{
"category": "external",
"summary": "QUARKUS-2884",
"url": "https://issues.redhat.com/browse/QUARKUS-2884"
},
{
"category": "external",
"summary": "QUARKUS-2885",
"url": "https://issues.redhat.com/browse/QUARKUS-2885"
},
{
"category": "external",
"summary": "QUARKUS-2886",
"url": "https://issues.redhat.com/browse/QUARKUS-2886"
},
{
"category": "external",
"summary": "QUARKUS-2887",
"url": "https://issues.redhat.com/browse/QUARKUS-2887"
},
{
"category": "external",
"summary": "QUARKUS-2888",
"url": "https://issues.redhat.com/browse/QUARKUS-2888"
},
{
"category": "external",
"summary": "QUARKUS-2889",
"url": "https://issues.redhat.com/browse/QUARKUS-2889"
},
{
"category": "external",
"summary": "QUARKUS-2893",
"url": "https://issues.redhat.com/browse/QUARKUS-2893"
},
{
"category": "external",
"summary": "QUARKUS-2895",
"url": "https://issues.redhat.com/browse/QUARKUS-2895"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1006.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 2.7.7 release and security update",
"tracking": {
"current_release_date": "2026-05-17T02:00:39+00:00",
"generator": {
"date": "2026-05-17T02:00:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2023:1006",
"initial_release_date": "2023-03-08T14:54:57+00:00",
"revision_history": [
{
"date": "2023-03-08T14:54:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-08T14:54:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-17T02:00:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 2.7.7",
"product": {
"name": "Red Hat build of Quarkus 2.7.7",
"product_id": "Red Hat build of Quarkus 2.7.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:2.7"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-3171",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2137645"
}
],
"notes": [
{
"category": "description",
"text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: timeout in parser leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3171"
},
{
"category": "external",
"summary": "RHBZ#2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: timeout in parser leads to DoS"
},
{
"cve": "CVE-2022-31197",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129428"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31197"
},
{
"category": "external",
"summary": "RHBZ#2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197"
},
{
"category": "external",
"summary": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2",
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names"
},
{
"cve": "CVE-2022-41946",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153399"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatemet.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships a PostgreSQL JDBC Driver for Hibernate ORM framework, which is embeds into Candlepin. Although Candlepin itself doesn\u0027t make direct use of the PreparedStatement methods from the PostgreSQL JDBC Driver, Hibernate ORM does utilize these methods, potentially making framework affected. Satellite server operating in an environment with untrusted users while the driver is running are vulnerable to the flaw, however, deployments without untrusted users are considered safe. A future Satellite update should address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41946"
},
{
"category": "external",
"summary": "RHBZ#2153399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41946"
}
],
"release_date": "2022-11-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions"
},
{
"cve": "CVE-2022-41966",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 ships an affected version of XStream. No endpoint in any flavor of Fuse is accepting by default an unverified input stream passed directly to XStream unmarshaller. Documentation always recommend all the endpoints (TCP/UDP/HTTP(S)/other listeners) to have at least one layer of authentication/authorization and Fuse in general itself in particular has a lot of mechanisms to protect the endpoints.\n\nRed Hat Single Sign-On contains XStream as a transitive dependency from Infinispan and the same is not affected as NO_REFERENCE is in use.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41966"
},
{
"category": "external",
"summary": "RHBZ#2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv"
}
],
"release_date": "2022-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"acknowledgments": [
{
"names": [
"Paulo Lopes"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2023-0044",
"discovery_date": "2023-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. If the Quarkus Form Authentication session cookie Path attribute is set to `/`, then a cross-site attack may be initiated, which might lead to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.7.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0044"
},
{
"category": "external",
"summary": "RHBZ#2158081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0044",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0044"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-c57v-hc7m-8px2",
"url": "https://github.com/advisories/GHSA-c57v-hc7m-8px2"
}
],
"release_date": "2023-01-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-08T14:54:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1006"
},
{
"category": "workaround",
"details": "This attack can be prevented with the Quarkus CSRF Prevention feature.",
"product_ids": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.7.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure"
}
]
}
RHSA-2023:1524
Vulnerability from csaf_redhat - Published: 2023-04-05 23:30 - Updated: 2026-05-05 10:06Summary
Red Hat Security Advisory: OpenShift Container Platform 4.9.59 security update
Severity
Critical
Notes
Topic: Red Hat OpenShift Container Platform release 4.9.59 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.59. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:1525
Security Fix(es):
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
2 products
Known not affected
157 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.9.59 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.59. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:1525\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1524",
"url": "https://access.redhat.com/errata/RHSA-2023:1524"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"url": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "OCPBUGS-11081",
"url": "https://issues.redhat.com/browse/OCPBUGS-11081"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1524.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.9.59 security update",
"tracking": {
"current_release_date": "2026-05-05T10:06:10+00:00",
"generator": {
"date": "2026-05-05T10:06:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2023:1524",
"initial_release_date": "2023-04-05T23:30:39+00:00",
"revision_history": [
{
"date": "2023-04-05T23:30:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-04-05T23:30:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T10:06:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src",
"product": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src",
"product_id": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.5-18.rhaos4.9.gitbd70b3d.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src",
"product": {
"name": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src",
"product_id": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.9.0-202303250015.p0.g71d09da.assembly.stream.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src",
"product": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src",
"product_id": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.361.4.1680068660-1.el8.src",
"product": {
"name": "jenkins-0:2.361.4.1680068660-1.el8.src",
"product_id": "jenkins-0:2.361.4.1680068660-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.361.4.1680068660-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1680069756-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.9.1680069756-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.9.1680069756-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1680069756-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.src",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.src",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"product": {
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"product_id": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.85.1.rt7.157.el8_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src",
"product": {
"name": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src",
"product_id": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.9.0-202303250015.p0.g71d09da.assembly.stream.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"product": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"product_id": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.5-18.rhaos4.9.gitbd70b3d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"product_id": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.5-18.rhaos4.9.gitbd70b3d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202303250015.p0.g71d09da.assembly.stream.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product_id": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-internal@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-internal@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-selftests-internal@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202303250015.p0.g71d09da.assembly.stream.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product_id": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product": {
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product_id": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product_id": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64",
"product_id": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202303250015.p0.g71d09da.assembly.stream.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product_id": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202303250015.p0.g71d09da.assembly.stream.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product_id": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product_id": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.5-18.rhaos4.9.gitbd70b3d.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-core@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-devel@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-extra@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-internal@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "perf-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "perf-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x",
"product_id": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202303250015.p0.g71d09da.assembly.stream.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.361.4.1680068660-1.el8.noarch",
"product": {
"name": "jenkins-0:2.361.4.1680068660-1.el8.noarch",
"product_id": "jenkins-0:2.361.4.1680068660-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.361.4.1680068660-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1680069756-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"product_id": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-305.85.1.el8_4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src"
},
"product_reference": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64"
},
"product_reference": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src"
},
"product_reference": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64"
},
"product_reference": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le"
},
"product_reference": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x"
},
"product_reference": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src"
},
"product_reference": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64"
},
"product_reference": "cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64"
},
"product_reference": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64"
},
"product_reference": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.361.4.1680068660-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.noarch"
},
"product_reference": "jenkins-0:2.361.4.1680068660-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.361.4.1680068660-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.src"
},
"product_reference": "jenkins-0:2.361.4.1680068660-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1680069756-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.9.1680069756-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.src"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src"
},
"product_reference": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src"
},
"product_reference": "openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "perf-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "perf-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "perf-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.src",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.src",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-05T23:30:39+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1524"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.src",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.5-18.rhaos4.9.gitbd70b3d.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.4.1680068660-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1680069756-1.el8.src",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.9:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.9:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202303250015.p0.g71d09da.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.9:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2023:1655
Vulnerability from csaf_redhat - Published: 2023-04-12 12:02 - Updated: 2026-05-05 10:06Summary
Red Hat Security Advisory: OpenShift Container Platform 4.10.56 security update
Severity
Critical
Notes
Topic: Red Hat OpenShift Container Platform release 4.10.56 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.10.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:1656
Security Fix(es):
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client (CVE-2022-31690)
* spring-security: Authorization rules can be bypassed via forward or include dispatcher types in Spring Security (CVE-2022-31692)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* Jenkins: XSS vulnerability in plugin manager (CVE-2023-27898)
* Jenkins: Temporary plugin file created with insecure permissions (CVE-2023-27899)
* kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF) (CVE-2022-3172)
* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)
* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client's API server credentials to third parties.
5.1 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
176 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Moderate
A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system.
8.1 (High)
Affected products
Fixed
2 products
Known not affected
181 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Important
A flaw was found in the spring-security framework. Spring Security could allow a remote attacker to bypass security restrictions caused by an issue when using forward or include dispatcher types. By sending a specially-crafted request, an attacker can bypass authorization rules.
7.4 (High)
Affected products
Fixed
2 products
Known not affected
181 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Important
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
2 products
Known not affected
181 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Affected products
Fixed
2 products
Known not affected
181 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Important
A flaw was found in HAProxy's headers processing that causes HAProxy to drop important headers fields such as Connection, Content-length, Transfer-Encoding, and Host after having partially processed them. A maliciously crafted HTTP request could be used in an HTTP request smuggling attack to bypass filtering and detection by HAProxy.
8.2 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
170 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Important
A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting (XSS) vulnerability, exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.
8.8 (High)
Affected products
Fixed
2 products
Known not affected
181 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Important
A flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an administrator’s computer. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.
7.0 (High)
Affected products
Fixed
2 products
Known not affected
181 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Important
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.
4.4 (Medium)
Affected products
Fixed
2 products
Known not affected
181 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Low
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
181 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src | — |
Threats
Impact
Low
References
66 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.10.56 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.10.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:1656\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client (CVE-2022-31690)\n\n* spring-security: Authorization rules can be bypassed via forward or include dispatcher types in Spring Security (CVE-2022-31692)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins: XSS vulnerability in plugin manager (CVE-2023-27898)\n\n* Jenkins: Temporary plugin file created with insecure permissions (CVE-2023-27899)\n\n* kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF) (CVE-2022-3172)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1655",
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"url": "https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html"
},
{
"category": "external",
"summary": "2127804",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127804"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2162200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162200"
},
{
"category": "external",
"summary": "2162206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162206"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2177626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177626"
},
{
"category": "external",
"summary": "2177629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177629"
},
{
"category": "external",
"summary": "2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1655.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.10.56 security update",
"tracking": {
"current_release_date": "2026-05-05T10:06:10+00:00",
"generator": {
"date": "2026-05-05T10:06:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2023:1655",
"initial_release_date": "2023-04-12T12:02:17+00:00",
"revision_history": [
{
"date": "2023-04-12T12:02:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-04-12T12:02:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T10:06:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.10::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"product": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"product_id": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-8.rhaos4.10.gitcc8441d.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"product": {
"name": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"product_id": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"product": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"product_id": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"product": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"product_id": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.src",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.src",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"product": {
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"product_id": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.85.1.rt7.157.el8_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"product": {
"name": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"product_id": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"product": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"product_id": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "toolbox-0:0.0.9-1.rhaos4.10.el8.src",
"product": {
"name": "toolbox-0:0.0.9-1.rhaos4.10.el8.src",
"product_id": "toolbox-0:0.0.9-1.rhaos4.10.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.9-1.rhaos4.10.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "haproxy-0:2.2.19-4.el8.src",
"product": {
"name": "haproxy-0:2.2.19-4.el8.src",
"product_id": "haproxy-0:2.2.19-4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy@2.2.19-4.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.387.1.1680701869-1.el8.src",
"product": {
"name": "jenkins-0:2.387.1.1680701869-1.el8.src",
"product_id": "jenkins-0:2.387.1.1680701869-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.387.1.1680701869-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.10.1680703106-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"product": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"product_id": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-8.rhaos4.10.gitcc8441d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"product_id": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-8.rhaos4.10.gitcc8441d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"product_id": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product_id": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.85.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-internal@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-internal@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-selftests-internal@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-305.85.1.rt7.157.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "haproxy22-0:2.2.19-4.el8.x86_64",
"product": {
"name": "haproxy22-0:2.2.19-4.el8.x86_64",
"product_id": "haproxy22-0:2.2.19-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy22@2.2.19-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"product": {
"name": "haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"product_id": "haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy-debugsource@2.2.19-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"product": {
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"product_id": "haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy22-debuginfo@2.2.19-4.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product_id": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product": {
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product_id": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product_id": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.85.1.el8_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"product_id": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"product_id": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "haproxy22-0:2.2.19-4.el8.aarch64",
"product": {
"name": "haproxy22-0:2.2.19-4.el8.aarch64",
"product_id": "haproxy22-0:2.2.19-4.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy22@2.2.19-4.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"product": {
"name": "haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"product_id": "haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy-debugsource@2.2.19-4.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"product": {
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"product_id": "haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy22-debuginfo@2.2.19-4.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product_id": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.85.1.el8_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"product_id": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "haproxy22-0:2.2.19-4.el8.ppc64le",
"product": {
"name": "haproxy22-0:2.2.19-4.el8.ppc64le",
"product_id": "haproxy22-0:2.2.19-4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy22@2.2.19-4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"product": {
"name": "haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"product_id": "haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy-debugsource@2.2.19-4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"product": {
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"product_id": "haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy22-debuginfo@2.2.19-4.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product_id": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product_id": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-8.rhaos4.10.gitcc8441d.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-core@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-devel@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-extra@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-internal@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "perf-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "perf-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.85.1.el8_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"product_id": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"product": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"product_id": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "haproxy22-0:2.2.19-4.el8.s390x",
"product": {
"name": "haproxy22-0:2.2.19-4.el8.s390x",
"product_id": "haproxy22-0:2.2.19-4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy22@2.2.19-4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "haproxy-debugsource-0:2.2.19-4.el8.s390x",
"product": {
"name": "haproxy-debugsource-0:2.2.19-4.el8.s390x",
"product_id": "haproxy-debugsource-0:2.2.19-4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy-debugsource@2.2.19-4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"product": {
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"product_id": "haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/haproxy22-debuginfo@2.2.19-4.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"product_id": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-305.85.1.el8_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"product": {
"name": "toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"product_id": "toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.9-1.rhaos4.10.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.387.1.1680701869-1.el8.noarch",
"product": {
"name": "jenkins-0:2.387.1.1680701869-1.el8.noarch",
"product_id": "jenkins-0:2.387.1.1680701869-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.387.1.1680701869-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.10.1680703106-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src"
},
"product_reference": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64"
},
"product_reference": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src"
},
"product_reference": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src"
},
"product_reference": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64"
},
"product_reference": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le"
},
"product_reference": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x"
},
"product_reference": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src"
},
"product_reference": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64"
},
"product_reference": "cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64"
},
"product_reference": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-0:2.2.19-4.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src"
},
"product_reference": "haproxy-0:2.2.19-4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-debugsource-0:2.2.19-4.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64"
},
"product_reference": "haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-debugsource-0:2.2.19-4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le"
},
"product_reference": "haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-debugsource-0:2.2.19-4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x"
},
"product_reference": "haproxy-debugsource-0:2.2.19-4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-debugsource-0:2.2.19-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64"
},
"product_reference": "haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy22-0:2.2.19-4.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64"
},
"product_reference": "haproxy22-0:2.2.19-4.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy22-0:2.2.19-4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le"
},
"product_reference": "haproxy22-0:2.2.19-4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy22-0:2.2.19-4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x"
},
"product_reference": "haproxy22-0:2.2.19-4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy22-0:2.2.19-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64"
},
"product_reference": "haproxy22-0:2.2.19-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64"
},
"product_reference": "haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le"
},
"product_reference": "haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x"
},
"product_reference": "haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy22-debuginfo-0:2.2.19-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64"
},
"product_reference": "haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.387.1.1680701869-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch"
},
"product_reference": "jenkins-0:2.387.1.1680701869-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.387.1.1680701869-1.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
},
"product_reference": "jenkins-0:2.387.1.1680701869-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.10.1680703106-1.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src"
},
"product_reference": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64"
},
"product_reference": "kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src"
},
"product_reference": "openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x"
},
"product_reference": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src"
},
"product_reference": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "perf-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "perf-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "perf-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.9-1.rhaos4.10.el8.noarch as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch"
},
"product_reference": "toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.9-1.rhaos4.10.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
},
"product_reference": "toolbox-0:0.0.9-1.rhaos4.10.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3172",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-09-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127804"
}
],
"notes": [
{
"category": "description",
"text": "A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client\u0027s API server credentials to third parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3172"
},
{
"category": "external",
"summary": "RHBZ#2127804",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127804"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3172",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3172"
},
{
"category": "external",
"summary": "https://github.com/kubernetes/kubernetes/issues/112513",
"url": "https://github.com/kubernetes/kubernetes/issues/112513"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF)"
},
{
"cve": "CVE-2022-31690",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2023-01-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2162200"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel-K, Camel-Quarkus, and Camel-SpringBoot do not directly use or ship the affected software, but do have references to it in their Maven POMs. As such their impact has been reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31690"
},
{
"category": "external",
"summary": "RHBZ#2162200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31690",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31690"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2022-31690",
"url": "https://spring.io/security/cve-2022-31690"
}
],
"release_date": "2022-10-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client"
},
{
"cve": "CVE-2022-31692",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2023-01-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2162206"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the spring-security framework. Spring Security could allow a remote attacker to bypass security restrictions caused by an issue when using forward or include dispatcher types. By sending a specially-crafted request, an attacker can bypass authorization rules.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security: Authorization rules can be bypassed via forward or include dispatcher types in Spring Security",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31692"
},
{
"category": "external",
"summary": "RHBZ#2162206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162206"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31692",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31692"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31692",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31692"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2022-31692",
"url": "https://spring.io/security/cve-2022-31692"
}
],
"release_date": "2022-10-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-security: Authorization rules can be bypassed via forward or include dispatcher types in Spring Security"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25725",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2023-02-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HAProxy\u0027s headers processing that causes HAProxy to drop important headers fields such as Connection, Content-length, Transfer-Encoding, and Host after having partially processed them. A maliciously crafted HTTP request could be used in an HTTP request smuggling attack to bypass filtering and detection by HAProxy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "haproxy: request smuggling attack in HTTP/1 header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform doesn\u0027t ship any haproxy code of its own and instead the openstack-haproxy-container consumes the `haproxy` RPM provided by RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25725"
},
{
"category": "external",
"summary": "RHBZ#2169089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25725",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25725"
},
{
"category": "external",
"summary": "https://www.haproxy.com/blog/february-2023-header-parser-fixed/",
"url": "https://www.haproxy.com/blog/february-2023-header-parser-fixed/"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/haproxy@formilux.org/msg43229.html",
"url": "https://www.mail-archive.com/haproxy@formilux.org/msg43229.html"
}
],
"release_date": "2023-02-14T16:20:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "haproxy: request smuggling attack in HTTP/1 header parsing"
},
{
"cve": "CVE-2023-27898",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting (XSS) vulnerability, exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: XSS vulnerability in plugin manager",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27898"
},
{
"category": "external",
"summary": "RHBZ#2177629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27898"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3037",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3037"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Jenkins: XSS vulnerability in plugin manager"
},
{
"cve": "CVE-2023-27899",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an administrator\u2019s computer. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary plugin file created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27899"
},
{
"category": "external",
"summary": "RHBZ#2177626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27899",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27899"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27899",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27899"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2823",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2823"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Jenkins: Temporary plugin file created with insecure permissions"
},
{
"cve": "CVE-2023-27903",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI\u2019s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary file parameter created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27903"
},
{
"category": "external",
"summary": "RHBZ#2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Temporary file parameter created with insecure permissions"
},
{
"cve": "CVE-2023-27904",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Information disclosure through error stack traces related to agents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27904"
},
{
"category": "external",
"summary": "RHBZ#2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-12T12:02:17+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:bpftool-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64",
"8Base-RHOSE-4.10:haproxy-0:2.2.19-4.el8.src",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy-debugsource-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.aarch64",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.ppc64le",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.s390x",
"8Base-RHOSE-4.10:haproxy22-debuginfo-0:2.2.19-4.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-0:2.387.1.1680701869-1.el8.src",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1680703106-1.el8.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.src",
"8Base-RHOSE-4.10:kernel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-core-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debug-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-aarch64-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-debuginfo-common-ppc64le-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-debuginfo-common-s390x-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-debuginfo-common-x86_64-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-doc-0:4.18.0-305.85.1.el8_4.noarch",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-ipaclones-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-extra-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-modules-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.src",
"8Base-RHOSE-4.10:kernel-rt-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-core-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debug-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-devel-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-kvm-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-extra-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-modules-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-rt-selftests-internal-0:4.18.0-305.85.1.rt7.157.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-selftests-internal-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-tools-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:kernel-tools-libs-devel-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:kernel-zfcpdump-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-core-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-devel-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-extra-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:kernel-zfcpdump-modules-internal-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:openshift-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src",
"8Base-RHOSE-4.10:openshift-clients-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-clients-redistributable-0:4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x",
"8Base-RHOSE-4.10:openshift-hyperkube-0:4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.aarch64",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.ppc64le",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.s390x",
"8Base-RHOSE-4.10:python3-perf-debuginfo-0:4.18.0-305.85.1.el8_4.x86_64",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.noarch",
"8Base-RHOSE-4.10:toolbox-0:0.0.9-1.rhaos4.10.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Information disclosure through error stack traces related to agents"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…