Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-39325 (GCVE-0-2023-39325)
Vulnerability from cvelistv5 – Published: 2023-10-11 21:15 – Updated: 2025-02-13 17:02- CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | net/http |
Affected:
0 , < 1.20.10
(semver)
Affected: 1.21.0-0 , < 1.21.3 (semver) |
|
| golang.org/x/net | golang.org/x/net/http2 |
Affected:
0 , < 0.17.0
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/issue/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/534215"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/534235"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"
},
{
"tags": [
"x_transferred"
],
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231110-0008/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "http2serverConn.serve"
},
{
"name": "http2serverConn.processHeaders"
},
{
"name": "http2serverConn.upgradeRequest"
},
{
"name": "http2serverConn.runHandler"
},
{
"name": "ListenAndServe"
},
{
"name": "ListenAndServeTLS"
},
{
"name": "Serve"
},
{
"name": "ServeTLS"
},
{
"name": "Server.ListenAndServe"
},
{
"name": "Server.ListenAndServeTLS"
},
{
"name": "Server.Serve"
},
{
"name": "Server.ServeTLS"
},
{
"name": "http2Server.ServeConn"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.20.10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.21.3",
"status": "affected",
"version": "1.21.0-0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/http2",
"product": "golang.org/x/net/http2",
"programRoutines": [
{
"name": "serverConn.serve"
},
{
"name": "serverConn.processHeaders"
},
{
"name": "serverConn.upgradeRequest"
},
{
"name": "serverConn.runHandler"
},
{
"name": "Server.ServeConn"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.17.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-28T04:05:57.980Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/63417"
},
{
"url": "https://go.dev/cl/534215"
},
{
"url": "https://go.dev/cl/534235"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231110-0008/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/"
},
{
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
}
],
"title": "HTTP/2 rapid reset can cause excessive work in net/http"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2023-39325",
"datePublished": "2023-10-11T21:15:02.727Z",
"dateReserved": "2023-07-27T17:05:55.188Z",
"dateUpdated": "2025-02-13T17:02:50.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-39325",
"date": "2026-07-02",
"epss": "0.03796",
"percentile": "0.88686"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.20.0\", \"versionEndExcluding\": \"1.20.10\", \"matchCriteriaId\": \"99C776A5-1409-4638-AB9A-8A2B053DBFE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.21.0\", \"versionEndExcluding\": \"1.21.3\", \"matchCriteriaId\": \"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\", \"versionEndExcluding\": \"0.17.0\", \"matchCriteriaId\": \"D7D2F801-6F65-4705-BCB9-D057EA54A707\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:astra_trident:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4E44A7B-F32A-43F2-B41A-CB3049100DF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:astra_trident_autosupport:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25008095-A75E-4E34-9538-61B6334BB0F9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.\"}, {\"lang\": \"es\", \"value\": \"Un cliente HTTP/2 malicioso que crea solicitudes r\\u00e1pidamente y las restablece inmediatamente puede provocar un consumo excesivo de recursos del servidor. Si bien el n\\u00famero total de solicitudes est\\u00e1 limitado por la configuraci\\u00f3n http2.Server.MaxConcurrentStreams, restablecer una solicitud en curso permite al atacante crear una nueva solicitud mientras la existente a\\u00fan se est\\u00e1 ejecutando. Con la soluci\\u00f3n aplicada, los servidores HTTP/2 ahora vincularon el n\\u00famero de rutinas de controlador que se ejecutan simult\\u00e1neamente al l\\u00edmite de concurrencia de transmisi\\u00f3n (MaxConcurrentStreams). Las nuevas solicitudes que lleguen cuando se encuentre en el l\\u00edmite (lo que solo puede ocurrir despu\\u00e9s de que el cliente haya restablecido una solicitud existente en curso) se pondr\\u00e1n en cola hasta que salga un controlador. Si la cola de solicitudes crece demasiado, el servidor finalizar\\u00e1 la conexi\\u00f3n. Este problema tambi\\u00e9n se solucion\\u00f3 en golang.org/x/net/http2 para los usuarios que configuran HTTP/2 manualmente. El l\\u00edmite de simultaneidad de transmisiones predeterminado es 250 transmisiones (solicitudes) por conexi\\u00f3n HTTP/2. Este valor se puede ajustar utilizando el paquete golang.org/x/net/http2; consulte la configuraci\\u00f3n Server.MaxConcurrentStreams y la funci\\u00f3n ConfigureServer.\"}]",
"id": "CVE-2023-39325",
"lastModified": "2024-11-21T08:15:09.627",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2023-10-11T22:15:09.880",
"references": "[{\"url\": \"https://go.dev/cl/534215\", \"source\": \"security@golang.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://go.dev/cl/534235\", \"source\": \"security@golang.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://go.dev/issue/63417\", \"source\": \"security@golang.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ\", \"source\": \"security@golang.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://pkg.go.dev/vuln/GO-2023-2102\", \"source\": \"security@golang.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231110-0008/\", \"source\": \"security@golang.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://go.dev/cl/534215\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://go.dev/cl/534235\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://go.dev/issue/63417\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://pkg.go.dev/vuln/GO-2023-2102\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231110-0008/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-770\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-39325\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2023-10-11T22:15:09.880\",\"lastModified\":\"2026-06-17T06:12:02.173\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.\"},{\"lang\":\"es\",\"value\":\"Un cliente HTTP/2 malicioso que crea solicitudes r\u00e1pidamente y las restablece inmediatamente puede provocar un consumo excesivo de recursos del servidor. Si bien el n\u00famero total de solicitudes est\u00e1 limitado por la configuraci\u00f3n http2.Server.MaxConcurrentStreams, restablecer una solicitud en curso permite al atacante crear una nueva solicitud mientras la existente a\u00fan se est\u00e1 ejecutando. Con la soluci\u00f3n aplicada, los servidores HTTP/2 ahora vincularon el n\u00famero de rutinas de controlador que se ejecutan simult\u00e1neamente al l\u00edmite de concurrencia de transmisi\u00f3n (MaxConcurrentStreams). Las nuevas solicitudes que lleguen cuando se encuentre en el l\u00edmite (lo que solo puede ocurrir despu\u00e9s de que el cliente haya restablecido una solicitud existente en curso) se pondr\u00e1n en cola hasta que salga un controlador. Si la cola de solicitudes crece demasiado, el servidor finalizar\u00e1 la conexi\u00f3n. Este problema tambi\u00e9n se solucion\u00f3 en golang.org/x/net/http2 para los usuarios que configuran HTTP/2 manualmente. El l\u00edmite de simultaneidad de transmisiones predeterminado es 250 transmisiones (solicitudes) por conexi\u00f3n HTTP/2. Este valor se puede ajustar utilizando el paquete golang.org/x/net/http2; consulte la configuraci\u00f3n Server.MaxConcurrentStreams y la funci\u00f3n ConfigureServer.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"net/http\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"net/http\",\"programRoutines\":[{\"name\":\"http2serverConn.serve\"},{\"name\":\"http2serverConn.processHeaders\"},{\"name\":\"http2serverConn.upgradeRequest\"},{\"name\":\"http2serverConn.runHandler\"},{\"name\":\"ListenAndServe\"},{\"name\":\"ListenAndServeTLS\"},{\"name\":\"Serve\"},{\"name\":\"ServeTLS\"},{\"name\":\"Server.ListenAndServe\"},{\"name\":\"Server.ListenAndServeTLS\"},{\"name\":\"Server.Serve\"},{\"name\":\"Server.ServeTLS\"},{\"name\":\"http2Server.ServeConn\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.20.10\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.21.0-0\",\"lessThan\":\"1.21.3\",\"versionType\":\"semver\",\"status\":\"affected\"}]},{\"vendor\":\"golang.org/x/net\",\"product\":\"golang.org/x/net/http2\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"golang.org/x/net/http2\",\"programRoutines\":[{\"name\":\"serverConn.serve\"},{\"name\":\"serverConn.processHeaders\"},{\"name\":\"serverConn.upgradeRequest\"},{\"name\":\"serverConn.runHandler\"},{\"name\":\"Server.ServeConn\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"0.17.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.20.0\",\"versionEndExcluding\":\"1.20.10\",\"matchCriteriaId\":\"99C776A5-1409-4638-AB9A-8A2B053DBFE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.21.0\",\"versionEndExcluding\":\"1.21.3\",\"matchCriteriaId\":\"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"D7D2F801-6F65-4705-BCB9-D057EA54A707\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_trident:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E44A7B-F32A-43F2-B41A-CB3049100DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_trident_autosupport:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25008095-A75E-4E34-9538-61B6334BB0F9\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/534215\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://go.dev/cl/534235\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://go.dev/issue/63417\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ\",\"source\":\"security@golang.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-2102\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231110-0008/\",\"source\":\"security@golang.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://go.dev/cl/534215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://go.dev/cl/534235\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://go.dev/issue/63417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-2102\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231110-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2023_6057
Vulnerability from csaf_redhat - Published: 2023-10-23 21:13 - Updated: 2024-12-18 04:48A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for toolbox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6057",
"url": "https://access.redhat.com/errata/RHSA-2023:6057"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6057.json"
}
],
"title": "Red Hat Security Advisory: toolbox security update",
"tracking": {
"current_release_date": "2024-12-18T04:48:48+00:00",
"generator": {
"date": "2024-12-18T04:48:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6057",
"initial_release_date": "2023-10-23T21:13:36+00:00",
"revision_history": [
{
"date": "2023-10-23T21:13:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-23T21:13:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:48:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.src",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.src",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.aarch64",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.aarch64",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"product": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"product_id": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-4.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"product_id": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-4.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"product_id": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-4.el9_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"product": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"product_id": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-4.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"product_id": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-4.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"product_id": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-4.el9_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.x86_64",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.x86_64",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64",
"product": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64",
"product_id": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-4.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"product_id": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-4.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"product_id": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-4.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.s390x",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.s390x",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"product": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"product_id": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-4.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"product_id": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-4.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"product_id": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-4.el9_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64"
},
"product_reference": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le"
},
"product_reference": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x"
},
"product_reference": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
},
"product_reference": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:13:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6057"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:13:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6057"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_6059
Vulnerability from csaf_redhat - Published: 2023-10-23 21:20 - Updated: 2024-12-18 04:48A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Pipelines Client tkn for 1.12.1 has been released.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Pipelines Client, tkn for the 1.12.1 release, provides a CLI tool to interact with the Pipelines and Triggers components provided by Red Hat OpenShift Pipelines 1.12.1\n\nThe tkn CLI tool is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6059",
"url": "https://access.redhat.com/errata/RHSA-2023:6059"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.13/cli_reference/tkn_cli/installing-tkn.html",
"url": "https://docs.openshift.com/container-platform/4.13/cli_reference/tkn_cli/installing-tkn.html"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "SRVKP-3551",
"url": "https://issues.redhat.com/browse/SRVKP-3551"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6059.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines Client tkn for 1.12.1 release and security update",
"tracking": {
"current_release_date": "2024-12-18T04:48:39+00:00",
"generator": {
"date": "2024-12-18T04:48:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6059",
"initial_release_date": "2023-10-23T21:20:26+00:00",
"revision_history": [
{
"date": "2023-10-23T21:20:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-23T21:20:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:48:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Pipelines version 1.12 for RHEL 8",
"product": {
"name": "OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.src",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.src",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64",
"product": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64",
"product_id": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client-redistributable@1.12.1-11260.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"product": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"product_id": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client-redistributable@1.12.1-11260.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"product": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"product_id": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client-redistributable@1.12.1-11260.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"product": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"product_id": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client-redistributable@1.12.1-11260.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.src as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.src",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64"
},
"product_reference": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le"
},
"product_reference": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x"
},
"product_reference": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
},
"product_reference": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:20:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6059"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:20:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6059"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_6061
Vulnerability from csaf_redhat - Published: 2023-10-23 21:57 - Updated: 2024-12-18 04:49A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Pipelines 1.12.1 has been released.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes, Serverless, and VMs by abstracting away the underlying details.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat OpenShift Pipelines consists of:\n\n- Tekton Pipelines 0.50.x\n- Tekton Triggers 0.25.x\n- ClusterTasks based on Tekton Catalog\n- Tekton tkn CLI 0.32.x\n- Tekton Operator 0.68.x\n- Tekton Chains 0.17.x (GA)\n- Tekton Hub 1.14.x (TP)\n- Tekton Result 0.8.x (TP)\n- Pipelines-as-Code 0.21.x (GA)\n\nFor more information, see the Release Notes on any one of the following platforms:\n\n- Customer Portal: https://access.redhat.com/documentation/en-us/openshift_container_platform/4.13/html/cicd/pipelines#op-release-notes-1-12_op-release-notes\n\n- OpenShift documentation: https://docs.openshift.com/container-platform/4.13/cicd/pipelines/op-release-notes.html#op-release-notes-1-12_op-release-notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6061",
"url": "https://access.redhat.com/errata/RHSA-2023:6061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://docs.openshift.com/pipelines/1.12/about/understanding-openshift-pipelines.html",
"url": "https://docs.openshift.com/pipelines/1.12/about/understanding-openshift-pipelines.html"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "SRVKP-3550",
"url": "https://issues.redhat.com/browse/SRVKP-3550"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6061.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines 1.12.1 release and security update",
"tracking": {
"current_release_date": "2024-12-18T04:49:06+00:00",
"generator": {
"date": "2024-12-18T04:49:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6061",
"initial_release_date": "2023-10-23T21:57:37+00:00",
"revision_history": [
{
"date": "2023-10-23T21:57:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-23T21:57:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:49:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Pipelines version 1.12 for RHEL 8",
"product": {
"name": "OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.12.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.12.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.12.1-5"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.12.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.12.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.12.1-5"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.12.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.12.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.12.1-5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.12.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.12.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.12.1-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:57:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nIf you selected the Automatic update strategy when you installed the Red Hat OpenShift Pipelines operator, the operator applies this update automatically. If you selected the Manual update strategy, use the OpenShift Container Platform web console to approve the update. For instructions about approving\nthe update, see:\n\nhttps://docs.openshift.com/container-platform/4.10/operators/admin/olm-upgrading-operators.html#olm-approving-pending-up[\u2026]e_olm-upgrading-operators",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6061"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:57:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nIf you selected the Automatic update strategy when you installed the Red Hat OpenShift Pipelines operator, the operator applies this update automatically. If you selected the Manual update strategy, use the OpenShift Container Platform web console to approve the update. For instructions about approving\nthe update, see:\n\nhttps://docs.openshift.com/container-platform/4.10/operators/admin/olm-upgrading-operators.html#olm-approving-pending-up[\u2026]e_olm-upgrading-operators",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6061"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_6071
Vulnerability from csaf_redhat - Published: 2023-10-24 09:41 - Updated: 2024-12-18 04:49A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.0.5 includes fixes for the following security\nvulnerabilities:\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work\n(CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack\n(Rapid Reset Attack) (CVE-2023-44487)\n\n* Various CVEs in containers for glibc security issues\n\nA Red Hat Security Bulletin which addresses further details about this flaw is\navailable in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRHACS 4.0.5 includes a new default policy called \"Rapid Reset: Denial of Service\nVulnerability in HTTP/2 Protocol\". This policy alerts on deployments with images\ncontaining components that are susceptible to a Denial of Service (DoS)\nvulnerability for HTTP/2 servers, based on CVE-2023-44487 and CVE-2023-39325.\nThis policy applies to the build or deploy life cycle stage.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6071",
"url": "https://access.redhat.com/errata/RHSA-2023:6071"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/4.0/release_notes/40-release-notes.html",
"url": "https://docs.openshift.com/acs/4.0/release_notes/40-release-notes.html"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "ROX-20197",
"url": "https://issues.redhat.com/browse/ROX-20197"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6071.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.0 enhancement and security update",
"tracking": {
"current_release_date": "2024-12-18T04:49:25+00:00",
"generator": {
"date": "2024-12-18T04:49:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6071",
"initial_release_date": "2023-10-24T09:41:00+00:00",
"revision_history": [
{
"date": "2023-10-24T09:41:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T09:41:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:49:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.0 for RHEL 8",
"product": {
"name": "RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.0.5-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.0.5-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.0.5-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.0.5-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.0.5-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.0.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.0.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.0.5-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64 as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x as a component of RHACS 4.0 for RHEL 8",
"product_id": "8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x",
"relates_to_product_reference": "8Base-RHACS-4.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T09:41:00+00:00",
"details": "If you are using an earlier version of RHACS 4.0, you are advised to upgrade to patch release 4.0.5.",
"product_ids": [
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6071"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:203f669dfecbe15bf2c026191fac9f03cc2f0a24d4e8ebaa612e03f855cd412c_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a26eaebf47bcf49be38da18badf53884fe8a39b2110de2288e5f83a1ee761202_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ff2e32cba218f944d628ab1b12e13f47ba2f5c59198fbadfa91a48203ec65edc_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:681c44488bef3551c8a48b955cb4f80377336474b5eff91d751df9616b403c90_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:7b40266e9bcf63f9d17057d41a8d74a6996666a17bae8f5480d18bf68b3d36be_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-rhel8@sha256:a59f4e48c51878df91baf624c89a5157f7b6298a14260c0b5d6f902a2aeb574a_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8d01a5d038f9f778df054ab9533ff700dfafc72a8b6e086910f2e5db0634b21b_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b3f8f5122676f1a9a46f38f7cf8e265536f275ecb7c2ad08874f5e792cc12af0_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b60c0000ee6f5c5bfcee7ecac40feac1029f8520236cec8eb76a7353f7fab2b5_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:02afc60209fa02f98325677202887cf58a04dd334ead4bea9d601b2ebca60f25_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:39bc3203d9b1bb5031c8abdcf18b578cdb06d87939b92a1adbfe7f58f7263e5e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-main-rhel8@sha256:4b727955da552e9137b8beaacb58743e242ca18c722da4c83d139d01f39ced67_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:683fc6bcd5de85b025df05e59c4ca7d895fb4a3764d65a53f5f0301fd59629a4_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:a0d9cd31d953aaf7e84f5a39f405c5aa2ea62e68d6c728a936ca1ffc4dc1b93e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-operator-bundle@sha256:c2f484a894fe64522f40b9d0c16e19e933560505aec2e156f7ba543e3f0331bb_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:37d3b4a85e1214f54d485732f20a83c88a20622a66de83f5f445d9b6274cafe2_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:b52ff18b3d963f57dc7aeb5ffc8143aaa6eb76bea5e7912fe2f0fc6e7a6f3245_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-rhel8-operator@sha256:e2c292eebafb277fbb4d273e9edfe22435b2201e08c02c04011330e0c13fa335_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3062a2b35b2911df16e2c4d19bd3e231f4e4f4bd64bfb2d909e54c85eb3bb282_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4774c909ac77d2d0efd233b54380166576ffa1695cabdc418b809e7beae4f684_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f2e86b59baf64ec0e15b190676a8a81d8742f4cf88e8c216bafe3fd355a534f_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2d56340729ea34c80d7cf9342812a20ad2bb371c4ad4de656d55e3004352df1c_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8a56051d40e5c4c82c188303b7572da6e4bf21ce1f999db97ab878f59431b8f5_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:af78c6089f148a256854511669e111271d80dc0eba571d9f47628429bce66835_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0312f6391720d2552b067a597c6d30bd47bd72f0e173488b615b3da8e144eb0e_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3829f94879b2512ae6d38f617a734e79ef9ab7de6f6c1ae1318346d6144e636_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc74190ce1f373590969a90aae941a6af820268aa41548bc06ae9c70da8afef5_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:65a60062866c15fab1eb1af75cc0fdeeec88e7c98c8d9a428a0a8272d6246b1c_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:94d2ae7b3e409451320370ac05ed6a88be8546b2e756a306d904ef22a372c7b9_s390x",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-rhel8@sha256:e08d42e2c6c12932ec1f915bb153111076ced6d82a9205f1998e0cb970f9ca11_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:410b2c74ad914d4f09f1a64cd51da7ed057b891dd0f2a9803bc168f5b0a81aab_amd64",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:bcf867cadab62b7761bce469db61cb231fadfa4e97c141fb0d8a2946cf548f74_ppc64le",
"8Base-RHACS-4.0:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e8cf8dd749a23a9fb3ae23ed2263ada05c6e13c035535c3796eb465f9a071f8f_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
}
]
}
RHSA-2023_6077
Vulnerability from csaf_redhat - Published: 2023-10-24 12:18 - Updated: 2024-12-18 04:49A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated rhel9/toolbox container image is now available in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "The rhel9/toolbox container image can be used with Toolbox to obtain RHEL based containerized command line environments to aid with development and software testing. Toolbox is built on top of Podman and other standard container technologies from OCI.\n\nThis updates the rhel9/toolbox image in the Red Hat container registry.\n\nTo pull this container image, run one of the following commands:\n\n podman pull registry.redhat.io/rhel9/toolbox (authenticated)\n podman pull registry.access.redhat.com/ubi9/toolbox (unauthenticated)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6077",
"url": "https://access.redhat.com/errata/RHSA-2023:6077"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6077.json"
}
],
"title": "Red Hat Security Advisory: toolbox security update",
"tracking": {
"current_release_date": "2024-12-18T04:49:15+00:00",
"generator": {
"date": "2024-12-18T04:49:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6077",
"initial_release_date": "2023-10-24T12:18:38+00:00",
"revision_history": [
{
"date": "2023-10-24T12:18:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T12:18:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:49:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.src",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.src",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.aarch64",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.aarch64",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"product": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"product_id": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-10.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"product_id": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-10.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"product_id": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-10.el9_2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"product": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"product_id": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-10.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"product_id": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-10.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"product_id": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-10.el9_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.x86_64",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.x86_64",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64",
"product": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64",
"product_id": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-10.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"product_id": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-10.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"product_id": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-10.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.s390x",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.s390x",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"product": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"product_id": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-10.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"product_id": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-10.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"product_id": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-10.el9_2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64"
},
"product_reference": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le"
},
"product_reference": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x"
},
"product_reference": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
},
"product_reference": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:18:38+00:00",
"details": "The container image provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \"podman pull\" command.\n\nFor more information about the image, search the \u003cimage_name\u003e in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6077"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:18:38+00:00",
"details": "The container image provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \"podman pull\" command.\n\nFor more information about the image, search the \u003cimage_name\u003e in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6077"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_6084
Vulnerability from csaf_redhat - Published: 2023-10-24 14:57 - Updated: 2024-12-18 04:49A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le | — |
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The\nupdated image includes new features and bug fixes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 3.74.7 includes fixes for the following security\nvulnerabilities:\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive\nwork\n(CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS\nattack\n(Rapid Reset Attack) (CVE-2023-44487)\n\n* Various CVEs in containers for glibc security issues\n\nA Red Hat Security Bulletin which addresses further details about this flaw\nis\navailable in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.\n\nRHACS 3.74.7 includes a new default policy called \"Rapid Reset: Denial of\nService\nVulnerability in HTTP/2 Protocol\". This policy alerts on deployments with\nimages\ncontaining components that are susceptible to a Denial of Service (DoS)\nvulnerability for HTTP/2 servers, based on CVE-2023-44487 and\nCVE-2023-39325.\nThis policy applies to the build or deploy life cycle stage.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6084",
"url": "https://access.redhat.com/errata/RHSA-2023:6084"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/3.74/release_notes/374-release-notes.html",
"url": "https://docs.openshift.com/acs/3.74/release_notes/374-release-notes.html"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "ROX-20195",
"url": "https://issues.redhat.com/browse/ROX-20195"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6084.json"
}
],
"title": "Red Hat Security Advisory: RHACS 3.74 enhancement and security update",
"tracking": {
"current_release_date": "2024-12-18T04:49:35+00:00",
"generator": {
"date": "2024-12-18T04:49:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6084",
"initial_release_date": "2023-10-24T14:57:00+00:00",
"revision_history": [
{
"date": "2023-10-24T14:57:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T14:57:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:49:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 3.74 for RHEL 8",
"product": {
"name": "RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.7-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.7-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.7-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.7-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.7-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.7-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.7-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.7-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.7-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
],
"known_not_affected": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T14:57:00+00:00",
"details": "If you are using an earlier version of RHACS 3.74, you are advised to upgrade to patch release 3.74.7.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6084"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
],
"known_not_affected": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T14:57:00+00:00",
"details": "If you are using an earlier version of RHACS 3.74, you are advised to upgrade to patch release 3.74.7.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6084"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_6085
Vulnerability from csaf_redhat - Published: 2023-10-24 15:32 - Updated: 2024-12-18 04:49A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This issue may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Openshift distributed tracing 2.9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\n* golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)\n\n* golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)\n\n* golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)\n\n* golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6085",
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6085.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift distributed tracing security update",
"tracking": {
"current_release_date": "2024-12-18T04:49:44+00:00",
"generator": {
"date": "2024-12-18T04:49:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6085",
"initial_release_date": "2023-10-24T15:32:35+00:00",
"revision_history": [
{
"date": "2023-10-24T15:32:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T15:32:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:49:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 2.9",
"product": {
"name": "Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.47.1-10"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.81.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"product": {
"name": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"product_id": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8\u0026tag=2.1.1-9"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"product": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"product_id": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8\u0026tag=742e3d3-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"product": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"product_id": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8\u0026tag=fe53f40-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"product": {
"name": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"product_id": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle\u0026tag=0.3.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"product": {
"name": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"product_id": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator\u0026tag=0.3.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"product": {
"name": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"product_id": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8\u0026tag=0.3.1-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.47.1-10"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.81.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"product": {
"name": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"product_id": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8\u0026tag=2.1.1-9"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"product": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"product_id": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8\u0026tag=742e3d3-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"product": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"product_id": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8\u0026tag=fe53f40-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"product": {
"name": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"product_id": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle\u0026tag=0.3.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"product": {
"name": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"product_id": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator\u0026tag=0.3.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"product": {
"name": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"product_id": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8\u0026tag=0.3.1-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.47.1-10"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.81.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x",
"product": {
"name": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x",
"product_id": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8\u0026tag=2.1.1-9"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"product": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"product_id": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8\u0026tag=742e3d3-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"product": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"product_id": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8\u0026tag=fe53f40-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"product": {
"name": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"product_id": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle\u0026tag=0.3.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"product": {
"name": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"product_id": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator\u0026tag=0.3.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"product": {
"name": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"product_id": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8\u0026tag=0.3.1-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le"
},
"product_reference": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x"
},
"product_reference": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64"
},
"product_reference": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x"
},
"product_reference": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le"
},
"product_reference": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64"
},
"product_reference": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le"
},
"product_reference": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x"
},
"product_reference": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64"
},
"product_reference": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x"
},
"product_reference": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64"
},
"product_reference": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le"
},
"product_reference": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64"
},
"product_reference": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x"
},
"product_reference": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le"
},
"product_reference": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le"
},
"product_reference": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64"
},
"product_reference": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
},
"product_reference": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39318",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not properly handle HMTL-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of HTML-like comments within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "RHBZ#2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
},
{
"category": "external",
"summary": "https://go.dev/cl/526156",
"url": "https://go.dev/cl/526156"
},
{
"category": "external",
"summary": "https://go.dev/issue/62196",
"url": "https://go.dev/issue/62196"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
"url": "https://vuln.go.dev/ID/GO-2023-2041.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of HTML-like comments within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39319",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237773"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of special tags within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "RHBZ#2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
},
{
"category": "external",
"summary": "https://go.dev/cl/526157",
"url": "https://go.dev/cl/526157"
},
{
"category": "external",
"summary": "https://go.dev/issue/62197",
"url": "https://go.dev/issue/62197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
"url": "https://vuln.go.dev/ID/GO-2023-2043.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of special tags within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Martin Seemann"
]
}
],
"cve": "CVE-2023-39321",
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "RHBZ#2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
"url": "https://vuln.go.dev/ID/GO-2023-2044.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39322",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237778"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "RHBZ#2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
"url": "https://vuln.go.dev/ID/GO-2023-2045.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_6115
Vulnerability from csaf_redhat - Published: 2023-10-25 14:01 - Updated: 2024-12-18 04:50A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le | — |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le | — |
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This issue may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le | — |
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le | — |
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le | — |
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x | — | ||
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le | — |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x | — |
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OADP-1.1-RHEL-8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\n* golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)\n\n* golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)\n\n* golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)\n\n* golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6115",
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6115.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection security update",
"tracking": {
"current_release_date": "2024-12-18T04:50:02+00:00",
"generator": {
"date": "2024-12-18T04:50:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6115",
"initial_release_date": "2023-10-25T14:01:58+00:00",
"revision_history": [
{
"date": "2023-10-25T14:01:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-25T14:01:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:50:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-OADP-1.1",
"product": {
"name": "8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.1::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.7-8"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.7-8"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"product_id": "oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.7-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"product_id": "oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.7-6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.7-8"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.7-8"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"product_id": "oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.7-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"product_id": "oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.7-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.7-8"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.7-8"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"product_id": "oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.7-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"product_id": "oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.7-6"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.7-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:01:58+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:01:58+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39318",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not properly handle HMTL-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of HTML-like comments within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "RHBZ#2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
},
{
"category": "external",
"summary": "https://go.dev/cl/526156",
"url": "https://go.dev/cl/526156"
},
{
"category": "external",
"summary": "https://go.dev/issue/62196",
"url": "https://go.dev/issue/62196"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
"url": "https://vuln.go.dev/ID/GO-2023-2041.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:01:58+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of HTML-like comments within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39319",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237773"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of special tags within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "RHBZ#2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
},
{
"category": "external",
"summary": "https://go.dev/cl/526157",
"url": "https://go.dev/cl/526157"
},
{
"category": "external",
"summary": "https://go.dev/issue/62197",
"url": "https://go.dev/issue/62197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
"url": "https://vuln.go.dev/ID/GO-2023-2043.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:01:58+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of special tags within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Martin Seemann"
]
}
],
"cve": "CVE-2023-39321",
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "RHBZ#2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
"url": "https://vuln.go.dev/ID/GO-2023-2044.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:01:58+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39322",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237778"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "RHBZ#2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
"url": "https://vuln.go.dev/ID/GO-2023-2045.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:01:58+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:01:58+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:01:58+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6115"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1d9eb04551c7629c1c955a83f56c9950af52cf507a960673fbbb71bc53a45d42_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:a107558ebc95b2d1c57a3571491bbf6ec88921ca8e6e45419dbec9bf47d505b9_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ca91eab699f97705c3e696150446582caab5b97db9230c0a2a7d0b9e09a7c571_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2d68a7b0030a673d88d59d712352614f136704fc95a5523484eea11eeeb76619_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:d2ea8cc469b9bc2cb99dc81ef1c8c043ef7d4c320b588f7bf1e221807767a21c_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f4db0cbe93b098c3e73e65bf83cdd73214e6eb9894a5d1d42d0f5fd58162a750_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7381cf4462e525945055a1b2b0bf168d469d2bd3f67bb10f6c8cb13e58fa9569_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a709259c3a6d923485ed217e9dd74f11c02a32c113f017ebbd8c49d60c83c47b_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:f6e549d662f01f8ccf0c1ab9016b1aadcd417096bc49133a536292c55049c13a_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:0f7a9f47f67af388ebebb7ef28a775857ac37d35e234ee228a4ea25bfc64c3e3_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:2d3e387f50011ea9496e7524624100afb1e5eb9aeb220c971ac850e3d3fb3ecd_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:bf0607d865944a9011852bcbd92d2f289f4086aba2186331ab4a65c7bd065604_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:9bc0630106402a86da33e4a21c5d64c6379125f6a446519f5a659ba1ed110b76_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:ec6dd5b1b4a9382b86ae970240e25f11a4eb8e2ba42a2f6f727a984cf79f0cdb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:fbef5cf169028b7e2c16c00ab699bcdb5733e2368ead683639495c2c584e08d7_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:57e64b3f70a5d06d68b2dfa3dfd329474ee39354e1ff3730742ae5869ffe9242_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:9535d60aeca08fbcb35f5ddecc455fbf8fd240b185b0359fcf15db088beed93b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a68d39f20190d5dd35cb799b02ad3ff4fdaf52ab22f7785ba4be4d20c95a09af_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4a509a9562f941a6eb85e29db424080204172cfcee21b2cbbe066efb5c60198c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:7933617816babdf5e6da973b7ffbf54a2c280a66fc6a9861e2dc731f01043d80_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:c8e99a08d99db02bb8a5f3fde5ff77108b4699fa710c12b257e411e1f3014f7b_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:209ccbbf81de2154f620e3dc690a053d7110bc805fc148cff668bcab43674894_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7b4c2fbf7ae8c859bfc976a1e07ef02e430792b16f36fd7fe9e447c7427d5003_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:7bc516a3dc31d5675989c253dfc5d4f5b6e5675ed0dcd99aeabcf45748cfb82a_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:569d29f6abf7e47afa87dc786028dd1b3b25c703f03bb72f0cdb56fa9fd8322e_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c2e022362052875f262fc082268fe1093d1a7a60aa51479b05346f5fc857864c_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:c521866aa8677b189bfe5b07f38b640e5fe5f392bcf6af9a25cda0daab393cd9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:27b11e8db2a414fdbc1cf7d0844db973f3f23c2d47af1c6890f42b1e7627efda_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:2ced4f24ae6649bdeda3d075841b77c2171193e882c5559ec1d6f3cad6f94a8b_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7466b02853935e62195da737dc4dc1e7776537a330b943feb971d9b0aab01a5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:12379906744bbe5df4574415a81fa2a2d79e42317cf72c168e5ee05380d2c412_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:19772d059d2f70b59c21f01b8cdb34736dd835a695586e74234785b577abbf74_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:f1d013a16cc4ef007406323214d6e72b2a09ce9f38326df50497a2425e3a66b2_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:0e4b9f532f0ae2242b50ce34be7b7f5df6986c19ff126198a7b6aca4f8661d4a_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:7cc9fc024056ca5e857a6135bd99607d14eef47426eea87286f4e33f0751fcbd_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:8abfd51f73690022c8e646ffe9a30f8b8e135c56eb67348a4bc0c2cfedbea29c_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_6116
Vulnerability from csaf_redhat - Published: 2023-10-25 14:16 - Updated: 2024-12-18 04:49A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.0:oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.0.14 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6116",
"url": "https://access.redhat.com/errata/RHSA-2023:6116"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6116.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.14 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-18T04:49:53+00:00",
"generator": {
"date": "2024-12-18T04:49:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6116",
"initial_release_date": "2023-10-25T14:16:47+00:00",
"revision_history": [
{
"date": "2023-10-25T14:16:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-25T14:16:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:49:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-OADP-1.0",
"product": {
"name": "8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.0.14-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.0.14-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.0.14-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64",
"product_id": "oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.0.14-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64",
"product": {
"name": "oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64",
"product_id": "oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-registry-rhel8\u0026tag=1.0.14-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64",
"product_id": "oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.0.14-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.0.14-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.0.14-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.0.14-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.0.14-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.0.14-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.0.14-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64"
},
"product_reference": "oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64 as a component of 8Base-OADP-1.0",
"product_id": "8Base-OADP-1.0:oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64",
"relates_to_product_reference": "8Base-OADP-1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.0:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64",
"8Base-OADP-1.0:oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64",
"8Base-OADP-1.0:oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64",
"8Base-OADP-1.0:oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.0:oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64"
],
"known_not_affected": [
"8Base-OADP-1.0:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64",
"8Base-OADP-1.0:oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64",
"8Base-OADP-1.0:oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64",
"8Base-OADP-1.0:oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:16:47+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.0:oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6116"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OADP-1.0:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64",
"8Base-OADP-1.0:oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64",
"8Base-OADP-1.0:oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64",
"8Base-OADP-1.0:oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64",
"8Base-OADP-1.0:oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.0:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:81866c1022c5753966563d3e7e8f6c52659ec4f44ff16e80abf90b1c205214c6_amd64",
"8Base-OADP-1.0:oadp/oadp-mustgather-rhel8@sha256:47f797fdaa8dd123395d2c24baec6879528b87ed3a4b38ba75529eda9489681e_amd64",
"8Base-OADP-1.0:oadp/oadp-operator-bundle@sha256:d04648c75a3943c17d58e731a1bd9c5b087844933dd541a6f3021090efbd2a8b_amd64",
"8Base-OADP-1.0:oadp/oadp-registry-rhel8@sha256:2f2a0045c09b57f829d329f2bdca336b1b36149376199f0317372c02e008106e_amd64",
"8Base-OADP-1.0:oadp/oadp-rhel8-operator@sha256:2d0182cb70a26416314e18b9df96b2a1153e0321f9918f04b45706ec81f3186b_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:c9bbbcfd7aa37f989db4d82007e1e4934ec0d44a507e527a6a36df2cc4959a5a_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:36a97115bf48ea9fc1a3e9f7a5624d743f1b2e94ad52a6f05da27ebf26e1673b_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:43c40dee88e38834b1291ef66ad23c63c11fdc192bf288a4691ae15eddddb85a_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:6d28dd5fbe010143914176e121fc1c6ed935005bc54ef7d8d5fb65e26f72538c_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-plugin-rhel8@sha256:945e16d6a8ab0031dd9fd823524fc5036f05a534008027806a0627adcdc6ba28_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:29db02fcb1fa8339e3fb999d60009e5b78d969fe35609d9702bc20b9dca8c5ea_amd64",
"8Base-OADP-1.0:oadp/oadp-velero-rhel8@sha256:8a7040f970b9d4f69658af2ca419d8d329792e5ae61ad8950706a1a41a98aee0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
}
]
}
RHSA-2023_6118
Vulnerability from csaf_redhat - Published: 2023-10-25 14:23 - Updated: 2024-12-18 04:50A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le | — |
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OADP-1.2-RHEL-8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6118",
"url": "https://access.redhat.com/errata/RHSA-2023:6118"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6118.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection security update",
"tracking": {
"current_release_date": "2024-12-18T04:50:13+00:00",
"generator": {
"date": "2024-12-18T04:50:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:6118",
"initial_release_date": "2023-10-25T14:23:36+00:00",
"revision_history": [
{
"date": "2023-10-25T14:23:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-25T14:23:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:50:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-OADP-1.2",
"product": {
"name": "8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.2::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.2.3-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"product_id": "oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.2.3-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"product_id": "oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"product_id": "oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.2.3-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"product_id": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-vsm-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.2.3-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.2.3-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.2.3-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"product_id": "oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"product_id": "oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.2.3-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"product_id": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-vsm-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.2.3-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.2.3-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.2.3-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"product_id": "oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"product_id": "oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.2.3-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"product_id": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-vsm-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.2.3-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.2.3-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.2.3-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"product_id": "oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"product_id": "oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.2.3-5"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-vsm-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.2.3-4"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.2.3-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64 as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"relates_to_product_reference": "8Base-OADP-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le as a component of 8Base-OADP-1.2",
"product_id": "8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:23:36+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6118"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64"
],
"known_not_affected": [
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T14:23:36+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6118"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1eba8b3a26d43f2946391817f37cdd8c64415f65108acdfeba66ef9cfebcf0e0_amd64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d79146d04177eda5ccc777815932fda586542cf53e88d2069b980d14a3bccfa8_arm64",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:d98265aa2ddfe8a051e6e332f450ae4007e5f719eb456b2db582fe095f7cb88a_ppc64le",
"8Base-OADP-1.2:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:e2cecef9337f9aba8285a8d917e5cf75e24d93d44197578f93a497eed309d94a_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:4410001b038f57f2b53a0aa8a7187db960410a3e6091b4923c0b1924d3ce2592_arm64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:5220e6df18cb18dc2d566bae6b49ced636d9627a111f7bb042ebab3eb0372754_s390x",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:7d66d863ae6c46e1701ed0c55a7ebd5eaba3d0a330fed5dcbdde5d5f0c5c889d_amd64",
"8Base-OADP-1.2:oadp/oadp-mustgather-rhel8@sha256:e712baa2a2a94afc004397d10fc6f65334dc3a4c547a97ecea5dc96247d28d4f_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:22d1ac29ae9c3b35e4f850cf26cdcbdf61d5630a1a9aeed079c2dc8f46bb7434_amd64",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:42d3bb0d645e427380af3f100307fb1aace330ed107a35961d30e2f3a1ded213_ppc64le",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:912b4769343594442f2eee159d52a61ff72a559628b57002cc9fedf7fab7d992_s390x",
"8Base-OADP-1.2:oadp/oadp-operator-bundle@sha256:dea1e97ee88949b9692f2077f4769b214031366f72f392cd89f85c0c7dcfffd2_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:4628ec389b445fae40227657c9b1b6330fae7a9a76cf80798c4c7f74181050f9_arm64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:7572bcc6b877c605805601dca3a6daf8c74b4c82defff9d53dd4173abad84e85_ppc64le",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:d610d59b4d11ca019611a80ff929cea304a333c78ae8339a8c24628daa97ccdb_amd64",
"8Base-OADP-1.2:oadp/oadp-rhel8-operator@sha256:f1ca2345c320ccef8c1336e2b4caba0c97e6d455e9f1c70cfb921b07d26e9024_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:64777c17edf16c46a0519a6a3a479e2004da580f5f1b9987d3464894cdc3d621_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:6876a1fbf67f9b91ef0cd8442ed56a2b3be79daca4f30ab583c4e95b6179b935_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:81072079708e5808b6a73d8ad9fa6838680a90565a64eed263dfac62eb074f32_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:a2118e62fcd7dfe8e65b0b1e9df909da3a6317137d2097f4c4ac335c80aefdfc_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:166cc137856090465797a03844a1ce0c7c5b315917264d1a3c570ff8630c097f_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:8ad05b4f05a94234566276f923ac3ef40ecc17d9e4d05821851b20e381d57bae_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:d5e564b3d10e44ae21a66f1cbe877b23f55ab397328f4bd168fb4340bbb1569d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbc5a4985c0cdf01f6b4aa0d2c9e516f7da8f6a5a6e5e795076e3f710333bb67_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:09426f08a141993d299b940acf33c1065deba4f6bdf9d93db2496cdb043d2f8d_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:31e7cdd4e0965814bfa1a5e07047e3b7ed4953c11bdd0b5adadf493d9b54b534_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:3613dc6e2c0b94095d30deae7009f05245f55b01b8caea791d99f8492d751b96_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:da7601aa767656db6edea1eac57f8a891eebbf74155c395b569e2d4ff5d81269_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:44861c3facde9c65e656ae68a8ec6c8871252d6d7e585c37743f0625e4ca7d45_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:782f4fdab3ad3507e50ad2d77bc3517c3eb74670909ffbea0a0b913c895c69f5_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:934290eeb999c5cbf67ff7d306299cc1c54db613e148cea14489db94ca0c3295_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:d75d79f906c5385cfd85777780eb85a1750b76b09125d5d6bbb963f8e160ebe2_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:7131005d74a60827511929b9a029b1e1b16284fd90d19e8fdf626fad02d65a45_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:871dbeefc4f519a91948a3ab7c2e2fddc4d3f69d18a84a1a18856e0ac291eccb_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:a7faed6579c5d1f8ff56f18889abd458e6c359a1fd038b86d6bb078cecc3d990_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-for-vsm-rhel8@sha256:c29da97ce94aff1b538072d27d58ed65a2db5caf5f079f837c949fa866b53eaa_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:017ae58a715980dfc2b32aa9d1865a7786991ab86a8c17880d142d43fe5188dd_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:9615a84312443cd9b090d51f6dd132b526e58b962c00ac8475a41ad764fa35a0_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:a5d985fb6042a03fa996552e43b7734de7f82a05bd69627412ba9350d0a0d318_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-plugin-rhel8@sha256:ea6fe5af28e3c79f2545b46c1639ae5e54e3845a5df2624955a7339511982479_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:66fde1bc2e17380cff5503c81cc0b1e4912c310d4c778d7d3b76835fd1aaf45d_amd64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:982c9120f45add7a8832505823da117a054a79913f0c2811efde3b0349f5a79e_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c34c2a171210bc35bef35c783e9d3989e9426ec00e87c3040c5e5de808e1e90e_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d234e14c2c5789d9d00dc64d8b67d699517c647b05f7190aeb624cd21a5cca8c_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:3d842994b0247323a38ff8c8fe943033e63b05bdc91ae17f222847e0ac11c353_s390x",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:e2e8e59932a0b8db365458347161fdd0589c2a533d3eb9b68330b7d3c64af363_arm64",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:ee41521bcac4206c966bc054416c92f14c240a1ef488ce4b126a8478d45966cc_ppc64le",
"8Base-OADP-1.2:oadp/oadp-velero-rhel8@sha256:f44e0b13bbfeb73b64f9e7407a81c4ca0bbe783442dd0d29abb12e02e1bd7b8f_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:41726661a3574000106c13ee6d8c24745dfc53775aea3a7a4bc60e45e3f3968b_amd64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:4a519c0df406c04c1b03a3a88ed075fb6815f0d43fe5d364f006aaf25074c12b_s390x",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:80a01ef4f6e44980e755f6939dc00252bd7274c9d13792dfa80f15423806f277_arm64",
"8Base-OADP-1.2:oadp/oadp-volume-snapshot-mover-rhel8@sha256:d1f8e31d8ab726c672f3c53044aa7b563735686968ef0b95686c54171c3faf22_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.